Active Software Supply Chain Attack Targeting npm Registry

Source: The Hacker News

Cybersecurity researchers have uncovered an ongoing software supply chain attack campaign, known as PhantomRaven, which targets the npm registry. This campaign has delivered over 100 malicious packages capable of stealing critical information such as authentication tokens, CI/CD secrets, and GitHub credentials from developers’ machines.

The activity associated with PhantomRaven is believed to have started in August 2025. The implications are significant: the attack can undermine the security of software development, exposing developers and their projects to various risks. Users are urged to remain vigilant and monitor their environments for unusual activity that may indicate a compromise.

👉 Read the original: The Hacker News