PhantomRaven is an ongoing supply-chain campaign distributing 88+ malicious npm packages using typosquatting and Remote Dynamic Dependencies (RDD) to evade detection. The malware steals CI/CD tokens, credentials, and system information from developers, exfiltrating data to attacker-controlled C2 servers.
supply-chain-attack
npm
malware
package-squatting
typosquatting
data-exfiltration
credential-theft
ci-cd-compromise
remote-dynamic-dependencies
detection-evasion
javascript
threat-intel
phantomraven
PhantomRaven
Koi
Endor Labs
npm
Babel
GraphQL Codegen
GitHub
GitLab
Jenkins
CircleCI
Amazon EC2
Bill Toulas