Bleeping Computer

Credential-stealing Chrome extensions target enterprise HR platforms

Malicious Chrome extensions on the Chrome Web Store masquerading as productivity and security tools for enterprise HR and ERP platforms were discovered stealing authentication credentials or blocking ...
Hosted on MSN

SAP npm hack steals developer credentials in supply-chain breach

Massive npm compromise: Four widely used SAP npm packages were hijacked with credential-stealing malware, potentially affecting thousands of builds. AI tool manipulation: Attackers embedded ...
The Hacker News

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

TrapDoor spread 34 malicious packages across npm, PyPI, and Crates.io, stealing developer credentials and enabling persistence.
Bleeping Computer

New stealthy Quasar Linux malware targets software developers

A previously undocumented Linux implant named Quasar Linux (QLNX) is targeting developers' systems with a mix of rootkit, backdoor, and credential-stealing capabilities. The malware kit is deployed in ...