Shai-hulud npm attack: What you need to know
RL researchers detected the first self-replicating worm that compromised npm packages with cloud token-stealing malware. Here's what you need to know.
Karlo Zanki
Reverse Engineer at ReversingLabs
Posts from Karlo Zanki
Shai-hulud npm attack: What you need to know
Compromised npm package threatens projects
The eslint-config-prettier package exposed more than 10,000 dependent projects. The incident highlights the growing risks in automated dependency updating.
Malicious attack method on hosted ML models now targets PyPI
RL researchers detected a new malicious campaign that exploits the Pickle file format on the Python Package Index.
Backdoor implant discovered on PyPI posing as debugging utility
RL researchers detected a sophisticated, malicious package believed to be an ongoing campaign that may be linked to a hacktivist gang.
Same name, different hack: PyPI package targets Solana developers
A new Python package revives the name of a malicious module to steal source code and secrets from blockchain developers’ machines.
Malicious ML models discovered on Hugging Face platform
Software development teams working on machine learning take note: RL threat researchers have identified nullifAI, a novel attack technique used on Hugging Face.
Compromised ultralytics PyPI package delivers crypto coinminer
A compromised build environment led to a malicious deployment of a popular AI library that had the potential of delivering other malware.
Malicious PyPI crypto pay package aiocpa implants infostealer code
The incident demonstrates how machine learning-based threat hunting can help development teams spot threats other tools miss.
Fake recruiter coding tests target devs with malicious Python packages
RL found the VMConnect campaign continuing with malicious actors posing as recruiters, using packages and the names of financial firms to lure developers.