Blog

Tag: #malware

Browse tags

mcp
security
supply-chain
devops
ai
ai-security
Agents
ai-agents
claude
claude-code
cursor
cve
cybersecurity
npm
python
terminal
agentic-ai
ai-infrastructure
aws
axios
data-engineering
developer-tools
dotfiles
Free Threading
frontend
github-copilot
litellm
malware
migration
mythos
neovim
performance
rust
vulnerability
workflow
zero-day
a2a
aerospace
agent-security
agent-skills
agentic-workflows
AI systems
ai-architecture
AI-safety
ai-tooling
Apple
APT
architecture
argocd
beads
best-practices
Budget
byteDance
canisterworm
Catppuccin
chrome-devtools
cicd
cli
Code generation
coding-agents
commoditization
Context engineering
CPython
CSS
cve-2026-7482
Data science
database
debugging
deep-reasoning
defense-in-depth
design-tools
developer-experience
developer-tooling
dirty-frag
docker
Ecosystem
figma
firefox
floci
Frontier models
gemini
Gemma
gguf
git
github-actions
governance
Harness
Healthcare AI
Homelab
incident-response
JavaScript
jit
kubernetes
langchain
Lazy Imports
lighthouse
linux-kernel
LLM
local-dev
local-llm
localstack
looped-llm
macos
Maturity
memory
meta-learning
minimax
mle-bench
monorepo
mozilla
multi-agent
nodejs
North Korea
nushell
oauth
ollama
Open models
OpenClaw
OWASP
Packaging
pandas
PEP
polars
Portfolio
prediction
production-ai
productivity
protocols
prototype-pollution
pyscript
Python 3.14
Python 3.15
rce
Release
Research
responsible-disclosure
ruff
Self-distillation
self-improvement
Side project
sql-injection
Stanford
stow
task-graph
terraform
tmux
vercel
vulnerability-research
Web development
window-manager
worm
zero-trust
zsh

Apr 22, 2026 Security

The Worm in the Machine: Dissecting the Self-Spreading npm Attack

A new npm worm doesn't just steal your keys-it turns your own code into a weapon. A deep dive into the CanisterWorm's anatomy, from postinstall hooks to its unkillable blockchain C2.

Apr 7, 2026 Security

The LiteLLM Supply Chain Attack: How Developer Machines Became Credential Vaults

In March 2026, the TeamPCP threat actor compromised PyPI packages LiteLLM 1.82.7 and 1.82.8, injecting infostealer malware that turned developer workstations into credential harvesting engines.

Topics

The Worm in the Machine: Dissecting the Self-Spreading npm Attack

The LiteLLM Supply Chain Attack: How Developer Machines Became Credential Vaults