The Hacker News

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...
SecurityWeek

New ‘Sandworm_Mode’ Supply Chain Attack Hits NPM

Hulud-like Sandworm_Mode supply chain attack targets NPM developers to steal secrets and poison AI assistants.
CSO Online

Shai-Hulud-style NPM worm hits CI pipelines and AI coding tools

Researchers warn malicious packages can harvest secrets, weaponize CI systems, and spread across projects while carrying a ...
Live Bitcoin News

npm Worm Steals Crypto Keys, Targets 19 Packages

A self-replicating npm worm dubbed SANDWORM_MODE hits 19+ packages, harvesting private keys, BIP39 mnemonics, wallet files and LLM API keys from dev environments.
Computerworld

New worm targets same systems as Code Red

A new and potentially more serious computer worm that tries to exploit the same security hole as the Code Red worm began circulating over the weekend, according to warnings issued by multiple research ...
FinanceFeeds

What Is a Crypto Worm? Blockchain Security Risks Explained

Discover what a crypto worm is and how this self-replicating form of crypto-malware exploits blockchain vulnerabilities ...
InfoWorld

New npm worm hits CI pipelines and AI coding tools

Researchers warn malicious packages can harvest secrets, weaponize CI systems, and spread across projects while carrying a dormant wipe mechanism.