Breaking down North Korea's continuation of the BeaverTail campaign
Breaking down North Korea's continuation of the BeaverTail campaign
vs
Dear developers, please stop obfuscating your code.
moika.tech. It's just telemetry. I promise.
300 packages on NPMJS, credential theft, token exfil and a reverse-SSH RAT calling moika.tech. Full malware and analysis of this ongoing campaign.
There's a fish in my git
intercom–client@7.0.4 - Malware Analysis
A comprehensive analysis of npm package intercom-client@7.0.4 malware, as part of the Shai Hulud 3 campaign
I'm Forever Curling Buckets
A look inside how your mates' football apps actually work.