Researchers at Aikido Security discovered 151 malicious packages that use invisible Unicode characters to hide executable code from human reviewers and static analysis tools, while the code remains visible to JavaScript interpreters. The attack uses LLM-generated code changes that look convincingly legitimate and has been observed across GitHub, NPM, and Open VSX repositories; the decoded payloads are capable of stealing tokens and credentials.
A comprehensive analysis and search engine for 7,500+ MCP (Model Context Protocol) servers aggregated from NPM, PyPI, GitHub, and the official MCP registry, revealing ecosystem composition, discovery challenges, and real agent usage patterns. The author built a search tool (Meyhem) that surfaces quality servers using community signals and relevance ranking, logging 2,000+ searches showing diverse agent use cases.
PhantomRaven is an ongoing supply-chain campaign distributing 88+ malicious npm packages using typosquatting and Remote Dynamic Dependencies (RDD) to evade detection. The malware steals CI/CD tokens, credentials, and system information from developers, exfiltrating data to attacker-controlled C2 servers.