Modern attackers increasingly operate at the browser level, where traditional endpoint and network security controls apply, but browser-specific controls are absent.
An unpatched URI handler vulnerability in Windows Search allows attackers to extract NTLMv2 hashes and potentially gain access to Windows authentication tokens.
At least 32 Red Hat npm packages were infected with a credential stealer that simultaneously manipulated GitHub workflows to publish additional packages with forged SLSA attestations and expand supply chain access.
A supply-chain attack on Red Hat npm packages exploits install-time execution and credential harvesting to infiltrate developer and CI/CD systems with self-propagating malware.
An npm package disguised as an OpenAI Codex interface with 29,000 weekly downloads steals authentication tokens and enables attackers to abuse APIs under stolen identities.