Cybersecurity researchers have uncovered yet another active software supply chain attack campaign targeting the npm registry with over 100 malicious packages that can steal authentication tokens, CI/CD secrets, and GitHub credentials from developers' machines.
The campaign has been codenamed PhantomRaven by Koi Security. The activity is assessed to have begun in August 2025, when the first



Source: TheHackerNews
Source Link: https://thehackernews.com/2025/10/phantomraven-malware-found-in-126-npm.html