Npm

North Korea's Lazarus Group targets blockchain developers with fake recruitment campaign distributing RAT malware through 36 poisoned npm and PyPI packages.

CVE-2025-68428 enables path traversal in the popular JavaScript PDF library, allowing attackers to read arbitrary files from Node.js servers and exfiltrate them via generated documents.

Supply chain attack disguised as working WhatsApp API library stole credentials, messages, and linked attacker devices to victim accounts. 56,000+ downloads since May.