malicious-package

3 articles
sort: new top best
clear filter
bug-bounty536 xss296 rce173 google145 bragging-post121 exploit121 account-takeover120 facebook117 privilege-escalation105 malware99 open-source98 microsoft97 authentication-bypass95 csrf87 cve80 access-control77 stored-xss75 web-security68 ai-agents68 writeup66 reflected-xss63 phishing62 ssrf55 input-validation55 reverse-engineering53 information-disclosure53 sql-injection51 api-security51 apple49 smart-contract49 cross-site-scripting49 defi48 privacy47 tool46 ethereum45 ai-security44 vulnerability-disclosure44 browser39 credential-theft39 web-application38 llm38 web337 burp-suite37 automation37 opinion37 remote-code-execution37 race-condition36 lfi36 supply-chain35 authentication35
0 4/10
Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets
threat-intel

Five malicious Rust crates published to crates.io between late February and early March impersonate time-related utilities to steal .env files and developer secrets from CI/CD pipelines. The packages use typosquatting tactics to masquerade as legitimate time APIs and are distributed via an AI bot.

supply-chain-attack malicious-package rust crates.io ci-cd-pipeline credential-theft env-file-exfiltration typosquatting ai-bot developer-secrets
chrono_anchor dnp3times time_calibrator time_calibrators time-sync crates.io timeapi.io Socket
thehackernews.com · [email protected] (The Hacker News) · 3 days ago · details
0 3/10
Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials
threat-intel

A malicious npm package (@openclaw-ai/openclawai) impersonating OpenClaw installer was discovered deploying a RAT and stealing macOS credentials. The package was uploaded March 3, 2026 and downloaded 178 times before discovery.

npm-supply-chain malicious-package rat-remote-access-trojan credential-theft macos typosquatting package-registry
@openclaw-ai/openclawai OpenClaw
thehackernews.com · [email protected] (The Hacker News) · 5 days ago · details
0 3/10
Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux
threat-intel

Three malicious PHP packages on Packagist disguised as Laravel utilities were discovered distributing a cross-platform remote access trojan (RAT) capable of compromising Windows, macOS, and Linux systems. The packages—lara-helper, simple-queue, and lara-swagger—achieved limited distribution (29-49 downloads each) before being flagged by security researchers.

supply-chain-attack malicious-package packagist php laravel rat remote-access-trojan cross-platform malware windows macos linux
Packagist Laravel nhattuanbl/lara-helper nhattuanbl/simple-queue nhattuanbl/lara-swagger
thehackernews.com · [email protected] (The Hacker News) · 10 days ago · details