#token-theft

[ follow ]
#npm-malware #supply-chain-compromise #shai-hulud #npm #supply-chain-security #tea-protocol #saas-security #oauth
Information security
fromThe Hacker News
1 week ago

Researchers Spot Modified Shai-Hulud Worm Testing Payload on npm Registry

A new, modified Shai Hulud npm malware strain was uploaded via @vietmoney/react-big-calendar, showing obfuscated code and potential worm-like supply-chain propagation.
Information security
fromInfoWorld
1 month ago

Worm flooding npm registry with token stealers still isn't under control

A massive coordinated campaign has created over 153,000 malicious npm packages that steal Tea Protocol tokens and threaten open-source supply chain trust.
Information security
fromThe Hacker News
3 months ago

SaaS Breaches Start with Tokens - What Security Teams Must Watch

Stolen OAuth and API tokens enable attackers to bypass MFA and access SaaS systems, making token hygiene and rotation critical to prevent breaches.
[ Load more ]