-
Malicious npm package steals WhatsApp accounts and messages
A malicious package in the Node Package Manager (NPM) registry poses as a legitimate WhatsApp Web API library to steal WhatsApp messages, collect contacts, and gain access to the account.
- December 22, 2025
- 11:08 AM
0
-
Malicious VSCode Marketplace extensions hid trojan in fake PNG file
A stealthy campaign with 19 extensions on the VSCode Marketplace has been active since February, targeting developers with malware hidden inside dependency folders.
- December 11, 2025
- 03:54 PM
0
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
Google backpedals on new Android developer registration rules
Google is backpedaling on its decision to introduce new identity verification rules for all developers, stating that it will also introduce accounts for limited app distribution and will allow users to install apps from unverified devs.
- November 14, 2025
- 06:54 AM
- 4
-
PhantomRaven attack floods npm with credential-stealing packages
An active campaign named 'PhantomRaven' is targeting developers with dozens of malicious npm packages that steal authentication tokens, CI/CD secrets, and GitHub credentials.
- October 29, 2025
- 12:26 PM
- 0
-
Microsoft waives fees for Windows devs publishing to Microsoft Store
Microsoft announced that, starting today, individual Windows developers will no longer have to pay for publishing their applications on the Microsoft Store.
- September 10, 2025
- 02:21 PM
- 3
-
Google to verify all Android devs to protect users from malware
Google is introducing a new defense for Android called 'Developer Verification' to block malware installations from sideloaded apps sourced from outside the official Google Play app store.
- August 26, 2025
- 06:23 PM
- 0
-
Dev gets 4 years for creating kill switch on ex-employer's systems
A software developer has been sentenced to four years in prison for sabotaging his ex-employer's Windows network with custom malware and a kill switch that locked out employees when his account was disabled.
- August 21, 2025
- 07:46 PM
- 7
-
Mozilla warns of phishing attacks targeting add-on developers
Mozilla has warned browser extension developers of an active phishing campaign targeting accounts on its official AMO (addons.mozilla.org) repository.
- August 04, 2025
- 06:00 AM
- 0
-
New wave of ‘fake interviews’ use 35 npm packages to spread malware
A new wave of North Korea's 'Contagious Interview' campaign is targeting job seekers with malicious npm packages that infect dev's devices with infostealers and backdoors.
- June 25, 2025
- 03:24 PM
- 0
-
Malicious PyPi package hides RAT malware, targets Discord devs since 2022
A malicious Python package targeting Discord developers with remote access trojan (RAT) malware was spotted on the Python Package Index (PyPI) after more than three years.
- May 08, 2025
- 02:51 PM
- 0
-
Malicious PyPi package steals Discord auth tokens from devs
A malicious package named 'pycord-self' on the Python package index (PyPI) targets Discord developers to steal authentication tokens and plant a backdoor for remote control over the system.
- January 17, 2025
- 02:16 PM
- 0
-
Microsoft issues urgent dev warning to update .NET installer link
Microsoft is forcing .NET developers to quickly update their apps and developer pipelines so they do not use 'azureedge.net' domains to install .NET components, as the domain will soon be unavailable due to the bankruptcy and imminent shutdown of CDN provider Edgio.
- December 30, 2024
- 10:06 AM
- 13
-
Undercover North Korean IT workers now steal data, extort employers
North Korean IT professionals who trick Western companies into hiring them are stealing data from the organization's network and asking for a ransom to not leak it.
- October 17, 2024
- 02:01 PM
- 0
-
Fake password manager coding test used to hack Python developers
Members of the North Korean hacker group Lazarus posing as recruiters are baiting Python developers with coding test project for password management products that include malware.
- September 11, 2024
- 05:09 PM
- 2
-
Apple iOS 18.1 Beta previews Apple Intelligence for the first time
Apple has released the iOS 18.1 Beta to developers, allowing them to test some of its upcoming AI-powered Apple Intelligence features before they are released for testing in the public previews.
- July 29, 2024
- 03:49 PM
- 0
-
Roblox vendor data breach exposes dev conference attendee info
Roblox announced late last week that it suffered a data breach impacting attendees of the 2022, 2023, and 2024 Roblox Developer Conference attendees.
- July 08, 2024
- 09:56 AM
- 0
-
Russian TrickBot malware dev sentenced to 64 months in prison
Russian national Vladimir Dunaev has been sentenced to five years and four months in prison for his role in creating and distributing the Trickbot malware used in attacks against hospitals, companies, and individuals worldwide.
- January 25, 2024
- 01:52 PM
- 0
-
TrickBot malware dev pleads guilty, faces 35 years in prison
On Thursday, a Russian national pleaded guilty to charges related to his involvement in developing and deploying the Trickbot malware, which was used in attacks against hospitals, companies, and individuals in the United States and worldwide.
- December 01, 2023
- 04:51 PM
- 0
-
Malicious NuGet packages abuse MSBuild to install malware
A new NuGet typosquatting campaign pushes malicious packages that abuse Visual Studio's MSBuild integration to execute code and install malware stealthily.
- October 31, 2023
- 10:23 AM
- 0
-
Microsoft Defender Antivirus gets ‘performance mode’ for Dev Drives
Microsoft has introduced a new Microsoft Defender capability named "performance mode" for developers on Windows 11, tuned to reduce the impact of antivirus scans when analyzing files stored on Dev Drives.
- May 26, 2023
- 03:42 PM
- 0
.jpg)
