The Hacker News

27 Malicious npm Packages Used as Phishing Infrastructure to Steal Login Credentials

Researchers uncovered 27 malicious npm packages used over five months to host phishing pages that steal credentials from ...
The Hacker News

Researchers Spot Modified Shai-Hulud Worm Testing Payload on npm Registry

A new Shai-Hulud npm strain and a fake Jackson Maven package show how attackers abuse trusted dependencies to steal secrets ...

New Shai Hulud 3.0 malware variant raises fresh supply chain security concerns

A newly discovered third variant of the Shai Hulud malware is raising fresh concerns about the security of the open-source software supply chain, as researchers warn that the latest version shows more ...
Cybernews

New Shai-Hulud 3.0 variant discovered, closing out 2025 with a malware bang

A new strain of the Shai Hulud worm is discovered by researchers, signaling the self-propagating supply chain threat ...
IEEE

From Static to AI-Driven Detection: A Comprehensive Review of Obfuscated Malware Techniques

Abstract: The frequency of cyber attacks targeting individuals, businesses, and organizations globally has escalated in recent years. The evolution of obfuscated malware, designed to evade detection, ...