JFrog has uncovered GhostClaw, a fake OpenClaw npm package that stole Keychain passwords, cloud credentials, and crypto wallets from 178 macOS developers.
CanisterWorm infects 28 npm packages via ICP-based C2, enabling self-propagation and persistent backdoor access across developer systems.
A suite of new malware tools has been identified by Google Threat Intelligence, including one that can steal crypto private keys and sensitive data.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results