Four rogue NuGet packages and one npm package stole ASP.NET Identity data, deployed C2 backdoors, and reached over 50,000 downloads before removal.
Arabian Post on MSN
Microsoft flags malicious Next.js developer traps
Microsoft has warned that threat actors are exploiting seemingly legitimate Next.js repositories to compromise software developers, embedding staged backdoors inside projects that mimic technical ...
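A new kind of security problem is sounding the alarm again. Researchers recently discovered a large-scale npm supply-chain worm, similar to "Sandworm" (Shai-Hulud), that is infiltrating developers' computers, CI pipelines, and AI coding tools. Researchers at the security company Socket disclosed this new attack, which is currently under way, and named it SANDWORM_MODE. The name comes from the "SANDWORM_*" environment variable switches embedded in the malware's runtime logic. From typos to full takeover: the research found that, as of ...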
Backend development is mainly defined by the library used to develop it. Choosing modern, optimized Node.js libraries directly impacts scal ...
A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
Attackers used “technical assessment” projects with repeatable naming conventions to blend in cloning and build workflows, retrieving loader scripts from remote infrastructure, and minimizing on-disk ...
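Claude-Mem automatically captures tool output (typically 1,000 to 10,000 tokens) and uses the Claude Agent SDK to compress it into semantic observation records of about 500 tokens. These records are categorized by type (decision, bug fix, feature, refactor, discovery, change), tagged with related concepts and file references, and then stored in a local SQLite database with full-text search.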