The Hacker News

Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

North Korea-linked Lazarus campaign spreads malicious npm and PyPI packages via fake crypto job offers, deploying RATs and ...
Cryptopolitan

dYdX targeted as malicious packages empty its user wallets

Researchers have revealed that bad actors are targeting dYdX and using malicious packages to empty its user wallets.