Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
Microsoft

Crypto Clipper uses Tor and worm-like propagation for persistence and control

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...
Infosecurity Magazine

Serverless Phishing Kit on GitHub Targets Mexican Banks

Group-IB framed GitBait as part of a broader shift in which criminals lean on everyday cloud services and ready-made kits ...