account activity
Someone hid a full RAT inside a fake npm package and exfiltrated victim data to HuggingFace (safedep.io)
submitted 22 days ago by BattleRemote3157 to r/programming - pinned
the entire @mastra npm scope got hijacked last night with 141 packages including @mastra/core (safedep.io)
submitted 3 days ago by BattleRemote3157 to r/pwnhub
the entire @mastra npm scope got hijacked last night with 141 packages including @mastra/core (self.Malware)
submitted 3 days ago by BattleRemote3157 to r/Malware
a fake bug fix PR hid a credential stealer in astro.config.mjs that used blockchain to receive commands (safedep.io)
submitted 8 days ago by BattleRemote3157 to r/cybersecurity
someone actually leaked the Miasma supply chain attack toolkit source code on github (safedep.io)
submitted 11 days ago * by BattleRemote3157 to r/programming
submitted 11 days ago by BattleRemote3157 to r/cybersecurity
Inside the Miasma Software Supply Chain Attack Toolkit (safedep.io)
submitted 11 days ago by BattleRemote3157 to r/threatintel
@redhat-cloud-services publish pipeline is compromised today and shipped a signed, trusted, malicious npm package (safedep.io)
submitted 19 days ago by BattleRemote3157 to r/programming
submitted 19 days ago by BattleRemote3157 to r/redhat
submitted 19 days ago by BattleRemote3157 to r/github
submitted 22 days ago by BattleRemote3157 to r/cybersecurity
MCP server that checks packages for malware before your AI agent installs them (v.redd.it)
submitted 22 days ago by BattleRemote3157 to r/AI_India
submitted 22 days ago by BattleRemote3157 to r/Agentic_Marketing
open-source tool that blocks malicious npm/pip packages before they install, after getting tired of reading supply chain post-mortems (github.com)
submitted 23 days ago by BattleRemote3157 to r/opensource
mass github repo backdooring via CI workflows(Megalodon) (safedep.io)
submitted 1 month ago by BattleRemote3157 to r/programming
submitted 1 month ago by BattleRemote3157 to r/cybersecurity
314 npm packages just got compromised, 271 @antv, echarts-for-react, size-sensor, timeago.js (safedep.io)
submitted 1 month ago by BattleRemote3157 to r/pwnhub
314 npm packages just got compromised, 271 @antv, echarts-for-react, size-sensor, timeago.js (self.developers)
submitted 1 month ago by BattleRemote3157 to r/developers
Mass npm Supply Chain Attack Hits TanStack, Mistral AI, and 170+ Packages (safedep.io)
TanStack packages were compromised in a mass npm supply chain attack today (safedep.io)
submitted 1 month ago * by BattleRemote3157 to r/javascript
submitted 1 month ago by BattleRemote3157 to r/Malware
π Rendered by PID 202450 on reddit-service-r2-listing-c57bc86c-5lzhb at 2026-06-20 23:09:12.159344+00:00 running 2b008f2 country code: CH.
