5/10
PhantomRaven is an ongoing supply-chain campaign that has distributed 88+ malicious npm packages, using typosquatting and Remote Dynamic Dependencies (RDD) to evade detection. With RDD the package manifest points a dependency at an attacker-controlled HTTP URL instead of a registry version, so the malicious code is fetched only at install time and never appears in the published tarball or in static scans of the registry listing. The malware steals CI/CD tokens, credentials, and system information from developer machines and build agents, exfiltrating them to attacker-controlled C2 servers.
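The two evasion tricks described above (dependencies that resolve to a remote URL rather than a registry version, and install-time lifecycle hooks) are both visible in a package's own package.json, and a near-miss package name is checkable against a list of names a team actually depends on. The following is an added example written for this page, not code from Koi, Endor Labs, npm, or the PhantomRaven report: it audits a manifest object for non-registry dependency specs and install hooks, and flags names within a small edit distance of known packages. The sample manifests, package names, and the `example.invalid` host are constructed for illustration.

```javascript
// Added example (not from the page or the vendors it cites): flag package.json
// manifests that use the Remote Dynamic Dependency pattern or install hooks,
// and package names that look like typosquats of names you already depend on.

const DEP_FIELDS = ["dependencies", "devDependencies", "optionalDependencies", "peerDependencies"];
const INSTALL_HOOKS = ["preinstall", "install", "postinstall", "prepare"];

// Classify a dependency spec by where npm would fetch it from.
// Anything that is not a plain registry version/range is fetched from a
// location the registry does not control and cannot be reviewed statically.
function specSource(spec) {
  if (typeof spec !== "string") return "invalid";
  if (/^https?:\/\//i.test(spec)) return "url";                 // remote tarball, fetched at install time
  if (/^(git\+\w+:|git:|github:|gitlab:|bitbucket:|gist:)/i.test(spec)) return "git";
  if (/^(file:|\.\.?\/)/.test(spec)) return "file";
  return "registry";
}

// Return a list of findings for one parsed package.json object.
function auditManifest(pkg) {
  const findings = [];
  for (const field of DEP_FIELDS) {
    for (const [name, spec] of Object.entries(pkg[field] || {})) {
      const source = specSource(spec);
      if (source !== "registry") {
        findings.push({ kind: "remote-dependency", field, name, spec, source });
      }
    }
  }
  for (const hook of INSTALL_HOOKS) {
    const cmd = pkg.scripts && pkg.scripts[hook];
    if (cmd) findings.push({ kind: "install-hook", hook, cmd });
  }
  return findings;
}

// Plain Levenshtein distance (single-row DP); enough to catch dropped,
// swapped or added characters in a package name.
function editDistance(a, b) {
  const row = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    let diag = row[0];
    row[0] = i;
    for (let j = 1; j <= b.length; j++) {
      const above = row[j];
      row[j] = Math.min(row[j] + 1, row[j - 1] + 1, diag + (a[i - 1] === b[j - 1] ? 0 : 1));
      diag = above;
    }
  }
  return row[b.length];
}

// Known names (your lockfile, an allowlist) that `name` is suspiciously close to.
function typosquatCandidates(name, knownNames, maxDistance = 2) {
  return knownNames.filter((known) => known !== name && editDistance(name, known) <= maxDistance);
}

// --- Constructed sample input (hypothetical names and host) ---
const SAMPLE_MALICIOUS = {
  name: "expres",            // constructed: one character short of "express"
  version: "1.0.0",
  dependencies: {
    "lodash": "^4.17.21",
    "build-helper": "http://packages.example.invalid/npm/build-helper"  // RDD-style spec
  },
  scripts: { preinstall: "node setup.js" }
};

const SAMPLE_CLEAN = {
  name: "my-app",
  version: "2.3.1",
  dependencies: { "express": "^4.19.2", "lodash": "^4.17.21" },
  scripts: { test: "node --test" }
};

const KNOWN = ["express", "lodash", "react"];

if (typeof require !== "undefined" && require.main === module) {
  console.log(auditManifest(SAMPLE_MALICIOUS));
  console.log(typosquatCandidates(SAMPLE_MALICIOUS.name, KNOWN));
}
```

Run this against the package.json inside the tarball you are about to install (for example after `npm pack <name>`), not against a registry web page's dependency summary: the URL-backed dependency is only meaningful in the manifest that npm will actually execute, and the install hook is what turns a fetched file into code running on a developer machine or CI runner.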
supply-chain-attack
npm
malware
package-squatting
typosquatting
data-exfiltration
credential-theft
ci-cd-compromise
remote-dynamic-dependencies
detection-evasion
javascript
threat-intel
phantomraven
PhantomRaven
Koi
Endor Labs
npm
Babel
GraphQL Codegen
GitHub
GitLab
Jenkins
CircleCI
Amazon EC2
Bill Toulas