Tag
#socket
2 stories taggedsocket.

Threat Intelligence
Fake Paysafe and Skrill SDKs on npm and PyPI Went After Developers' Secrets
A single attacker uploaded 17 lookalike payment packages that quietly stole API keys, cloud credentials and GitHub tokens from anyone who installed them.
4 min

Threat Intelligence
Eight Packagist Projects Hijacked to Pull Linux Payload From GitHub Releases
The injected code lived in package.json, not composer.json, and targeted JavaScript-shipping Composer projects.
2 min