The OpenSourceMalware Show #11
NPM account lockout protection, GitHub Enterprise credential revocation, researcher-deployed malware, and an FBI notice on Team PCP
By cb482791-4ef1-4762-96ad-b0ca4bdd538e ·
BLOG
Security research and threat intelligence on open-source supply-chain attacks.
NPM account lockout protection, GitHub Enterprise credential revocation, researcher-deployed malware, and an FBI notice on Team PCP
By cb482791-4ef1-4762-96ad-b0ca4bdd538e ·
Version sandwiching, blockchain C2 reuse, cross-ecosystem attacks, dynamic imports, and payload splitting
By cb482791-4ef1-4762-96ad-b0ca4bdd538e ·
Mastra compromise, agentjacking, and malware mythbusting
By cb482791-4ef1-4762-96ad-b0ca4bdd538e ·
A malicious transitive dependency hit 140+ npm packages, with tradecraft matching the Axios compromise
By c0a15726-c5b1-4b0d-85e6-fe15553df9e2 ·
MSFT unpublished 73 repos, VS Code extension cooldowns, npm v12, Miasma open-sourced, and package firewalls
By cb482791-4ef1-4762-96ad-b0ca4bdd538e ·
NPM package manager (v12) closes serious security gaps, including making install scripts opt-in, but implementing it may not have the intended outcomes.
By c0a15726-c5b1-4b0d-85e6-fe15553df9e2 ·
We surfaced three trends about malware: npm and PyPI growing at similar rates, ATOs aren’t the only risk, and threat actors targeted non-developers.
By cb482791-4ef1-4762-96ad-b0ca4bdd538e ·
A terms of use violation triggered repos for Microsoft and Azure to go down for investigations - signs point to Miasma npm malware
By c0a15726-c5b1-4b0d-85e6-fe15553df9e2 ·
We surfaced three trends about malware: npm and PyPI growing at similar rates, ATOs aren’t the only risk, and threat actors targeted non-developers.
By cb482791-4ef1-4762-96ad-b0ca4bdd538e ·
Miasma npm worm targets Red Hat via trusted publishing abuse, OpenSourceMalware 2026 threat data, and the gray-area Moika campaign.
By cb482791-4ef1-4762-96ad-b0ca4bdd538e ·
OSV false positives, Crowdstrike takedown of Glassworm infra, and MSFT nukes a researcher
By cb482791-4ef1-4762-96ad-b0ca4bdd538e ·
npm staged publishing, DPRK's Axios-linked packages, TeamPCP's biggest npm maintainer compromise yet, and how a poisoned VS Code extension led to a GitHub emplo
By cb482791-4ef1-4762-96ad-b0ca4bdd538e ·
TeamPCP compromised npm maintainers atool and prop, republishing 324 packages including the AntV suite across 645 versions. IOCs and remediation steps inside.
By c0a15726-c5b1-4b0d-85e6-fe15553df9e2 ·
Three malicious NPM packages connected to the March Axios compromise have been quietly harvesting developer credentials since early April
By c0a15726-c5b1-4b0d-85e6-fe15553df9e2 ·
npm lifecycle scripts and VS Code tasks.json are productivity features that threat actors have learned to weaponize triggering malware
By cb482791-4ef1-4762-96ad-b0ca4bdd538e ·
RubyGems bot attack, ShinyHunters ransom Canvas, and the latest on Mini Shai-Hulud.
By cb482791-4ef1-4762-96ad-b0ca4bdd538e ·
TeamPCP's self-spreading npm worm "Mini Shai-Hulud" has compromised 170 npm packages and crossed into PyPI.
By c0a15726-c5b1-4b0d-85e6-fe15553df9e2 ·
git hook persistence, Antrea compromise, Dirty Frag, cPanel exploitation, interpreted language malware
By cb482791-4ef1-4762-96ad-b0ca4bdd538e ·
The Contagious Interview and TaskJacker campaigns now hides the stage-2 loader inside git hooks that download InvisibleFerret and Beavertail malware
By c0a15726-c5b1-4b0d-85e6-fe15553df9e2 ·
The Antrea open-source Kubernetes project was attacked via its Jenkins integration on May 2 by an unknown threat actor who opened a malicious pull request,
By c0a15726-c5b1-4b0d-85e6-fe15553df9e2 ·
Lovable and Vercel security incidents, a crazy git push RCE exploit, EDR vs AI agents, and the Mini-Shai-Hulud attack
By cb482791-4ef1-4762-96ad-b0ca4bdd538e ·
TeamPCP compromises Bitwarden, npm lifecycle scripts, OWASP's npm security cheat sheet
By cb482791-4ef1-4762-96ad-b0ca4bdd538e ·
Mini Shai-Hulud is a malicious npm worm by TeamPCP. It weaponizes tasks.json files, a technique first seen in North Korean Lazarus Group campaigns.
By c0a15726-c5b1-4b0d-85e6-fe15553df9e2 ·
Agentic platforms like Lovable, Claude, and Codex cause unexpected security anti-patterns
By c0a15726-c5b1-4b0d-85e6-fe15553df9e2 ·
Dozens of malicious npm packages to targeting AI companies, luxury brands, and venture capital firms.
By c0a15726-c5b1-4b0d-85e6-fe15553df9e2 ·
This North Korean attack has compromised 1,951 unique repositories belonging to 1,047 unique owners - a 3x growth since the campaign's discovery
By c0a15726-c5b1-4b0d-85e6-fe15553df9e2 ·
The npm package @velora-dex/sdk version 9.4.1 contains malicious code that automatically downloads and executes a shell script from a remote server when the
By c0a15726-c5b1-4b0d-85e6-fe15553df9e2 ·
Lazarus Group compromises GitHub repositories by implanting a malicious, obfuscated JavaScript payload.
By c0a15726-c5b1-4b0d-85e6-fe15553df9e2 ·
Account takeovers are some of the most harmful malware campaigns. Many start by compromising a maintainer account through social engineering.
By cb482791-4ef1-4762-96ad-b0ca4bdd538e ·
New threat campaign using PureHVNC has been tied to TeamPCP.
By c0a15726-c5b1-4b0d-85e6-fe15553df9e2 ·
A technical deep-dive into the next generation of DPRK attacks that borrows from Shai-hulud and Contagious Interview to compromise dozens of GitHub users
By c0a15726-c5b1-4b0d-85e6-fe15553df9e2 ·
The Axios NPM package has been compromised and the maintainer of the project has been locked out of their account. This will go down in history as one of the
By c0a15726-c5b1-4b0d-85e6-fe15553df9e2 ·
TeamPCP executed a cascading multi-phase supply chain attack that started with a single unrevoked credential stolen from Trivy's CI pipeline.
By cb482791-4ef1-4762-96ad-b0ca4bdd538e ·
TeamPCP compromised the LiteLLM maintainer's PyPI account and published malicious versions that steal credentials from every Python process on the host.
By c0a15726-c5b1-4b0d-85e6-fe15553df9e2 ·
TeamPCP compromised the aquasec-com GitHub organization, renaming all 44 repositories and exposing internal source code, CI/CD configs, and knowledge bases.
By c0a15726-c5b1-4b0d-85e6-fe15553df9e2 ·
The latest Glassworm attack compromised 430+ GitHub projects by leveraging four different ecosystems
By c0a15726-c5b1-4b0d-85e6-fe15553df9e2 ·
DPRK threat actors compromised Neutralinojs as part of a larger attack that utilizes stolen GitHub credentials to force-push backdated malicious commits
By c0a15726-c5b1-4b0d-85e6-fe15553df9e2 ·
A malware campaign weaponizes npm to extort crypto payments from developers during package installation
By c0a15726-c5b1-4b0d-85e6-fe15553df9e2 ·
Threat actors evolved ClawHub malware by moving payloads to convincing fake websites, allowing them to completely circumvent VirusTotal scans.
By c0a15726-c5b1-4b0d-85e6-fe15553df9e2 ·
Malicious ClawdBot skills target ByBit, Polymarket, Axiom, Reddit and LinkedIn, installing malware on unsuspecting OpenClaw user machines.
By c0a15726-c5b1-4b0d-85e6-fe15553df9e2 ·
“Lazarus Group's Fake Font campaign abuses VS Code task automation to silently execute BeaverTail malware, delivering the InvisibleFerret backdoor”
By c0a15726-c5b1-4b0d-85e6-fe15553df9e2 ·
At least 21 small OSS maintainers hit in 72 hours via malicious VS Code task configurations
By c0a15726-c5b1-4b0d-85e6-fe15553df9e2 ·
A single NPM package that led us to the Lazarus Groups latest campaign targeting software engineers using fake recruiters on LinkedIn, Fiverr and UpWork.
By c0a15726-c5b1-4b0d-85e6-fe15553df9e2 ·
North Korean threat actors are hiding multi-stage malware droppers in VSCode configuration files, disguised as spell-check dictionaries.
By c0a15726-c5b1-4b0d-85e6-fe15553df9e2 ·
This campaign includes 36 individual packages spread across 23 different NPM users.
By c0a15726-c5b1-4b0d-85e6-fe15553df9e2 ·
Lazarus Group evolves their developer-focused campaign to hide malware in VS Code tasks.json files
By c0a15726-c5b1-4b0d-85e6-fe15553df9e2 ·
NPM was flooded with junk packages that waste infrastructure resources, pollute search results, and creates supply chain risks if devs accidentall consume them.
By c0a15726-c5b1-4b0d-85e6-fe15553df9e2 ·