The Miasma worm spreads across Microsoft repositories on GitHub, demonstrating the critical vulnerability of centrally managed development ecosystems to self-replicating malware.
The JINX-0164 group compromises crypto developers through fake LinkedIn job interviews to deploy the Python malware AUDIOFIX, which steals passwords, SSH keys, and cryptocurrency wallet data.
A supply-chain attack on Red Hat npm packages exploits install-time execution and credential harvesting to infiltrate developer and CI/CD systems with self-propagating malware.
An npm package disguised as an OpenAI Codex interface with 29,000 weekly downloads steals authentication tokens and enables attackers to abuse APIs under stolen identities.
Attackers have infected a popular npm package (codexui-android, ~27,000 weekly downloads) with malware that steals long-lived OpenAI tokens while successfully evading code audits and Google Play reviews.