1. Sukob Threat Actor Deploys Rust Malware via npm Typosquatting to Hijack Developer Credentials and CI/CD Pipelines
A sophisticated npm supply chain attack has surfaced, exploiting typosquatting techniques to distribute a Rust-based malware payload designed to harvest developer credentials and establish persistent footholds across software ecosystems. The campaign, attributed to the Sukob threat actor, leverages a malicious package ...