Malicious actors are exploiting simple typos to trick developers into downloading malware-infected fake packages, according to a report from Checkmarx. The campaign uses a technique called typosquatting to target users of the popular Python and JavaScript tools Colorama and Colorizr. A cross-platform attack of this kind is rare and suggests a sophisticated strategy, and the fake packages cause significant damage once installed. They have since been removed from public repositories, but developers are warned to remain vigilant.

WordPress Admins Beware! Fake Cache Plugin that Steals Admin Logins
A sophisticated malware campaign is targeting WordPress administrators, using a deceptive caching plugin to steal login details and compromise website security. The malware, which poses