ShadyPanda abused browser extensions for seven years, turning 4.3M installs into a multi-phase surveillance and hijacking ...
Charlie Eriksen, a researcher at Aikido, identified the infected libraries and confirmed each detection manually to minimize ...
The China-based cyber-threat group has been using malicious extensions on the Google Chrome and Microsoft Edge marketplaces ...
A popular JavaScript cryptography library is vulnerable in a way which could allow threat actors to break into user accounts.
AI attacks, code flaws, and large-scale web breaches in 2025 forced new security rules and continuous monitoring for all ...
According to researchers at cybersecurity firm Koi, a China-based hacking syndicate known as ShadyPanda is actively ...
A researcher reported that more than 400 NPM libraries, including a cluster of ENS-linked crypto packages, were breached by ...
Shai-Hulud malware infiltrates 490 NPM packages, stealing API keys and credentials from ENS and major crypto development ...
A maximum severity vulnerability, dubbed 'React2Shell', in the React Server Components (RSC) 'Flight' protocol allows remote ...
Google promoted Chrome 143 to the stable channel with patches for 13 vulnerabilities reported by external researchers.
A vulnerability in the 'node-forge' package, a popular JavaScript cryptography library, could be exploited to bypass ...
A seven-year browser extension campaign has infected 4.3 million Chrome and Edge users. The group responsible, tracked as ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback