GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible ...
CSO Online

North Korean fake IT worker tradecraft exposed

GitLab exposes abuse of its platform to trick software developers into downloading malicious payloads and finance companies ...
The Hacker News

Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

Malicious npm package '@openclaw-ai/openclawai' downloaded 178 times installs GhostLoader RAT, stealing credentials and ...
The Hacker News

UNC6426 Exploits nx npm Supply-Chain Attack to Gain AWS Admin Access in 72 Hours

UNC6426 used stolen GitHub tokens from the 2025 nx npm breach to gain AWS admin access in under 72 hours, enabling data theft ...
Cryptopolitan

Security analysts raise OpenClaw impersonator alarm as ai agents hit peak popularity

A malicious npm package disguised as a legitimate AI tool to install the virally popular OpenClaw, but designed to steal system passwords and crypto wallets, ...
CSO Online

Devs looking for OpenClaw get served a GhostClaw RAT

GhostClaw poses as an OpenClaw installer package, stealing system credentials and sensitive data before deploying a ...
GitHub

learn-nodejs-hard-way

You can access the current version of the book in the chapters directory or in PDF format (both Light and Dark modes are available) by clicking here. Note that this ...
GitHub

SeiJS is a monorepo that contains multiple NPM libraries for writing applications that interact with Sei.

SeiJS consists of smaller NPM packages within the @sei-js namespace. For more detailed documentation on each package, please refer to the table below.