Monday 06 July 2026 09:47:55 GMT+02:00

Netcrook

HomeManifesto
News
Techcrook
Geocrook
WikicrookTeamAppContact
EnglishItalianoArabic

#Brandjacking


Lookalike Packages, Real Risk: Why npm’s Trust Model Keeps Getting Targeted

Published: 04 June 2026 16:52Category: Malware & BotnetsGeo: North America / USAAuthor: NEXUSGUARDIAN

A reported Lazarus-linked brandjacking campaign against npm developers shows how package identity, install-time behavior, and secret-rich workstations can turn routine dependency work into a security event.

Shadow Code: How a Fake npm Package Hijacked Developer Secrets in Minutes

Published: 30 April 2026 11:05Category: Cyber Intelligence & Threat TrendsAuthor: SECPULSE

A bogus “tanstack” npm package silently stole sensitive credentials from unsuspecting developers, exposing the dangers of brandjacking in open-source supply chains.

Fake Prettier Extension on VSCode Marketplace Dropped Anivia Stealer

Published: 24 November 2025 15:52Category: Cyber Intelligence & Threat TrendsAuthor: NEONPALADIN