Seven npm Packages Use Adspect Cloaking to Trick Victims Into Crypto Scam Pages

Cybersecurity researchers have discovered a set of seven npm packages published by a single threat actor that leverages a cloaking service called Adspect to differentiate between real victims and security researchers to ultimately redirect them to sketchy crypto-themed sites. The malicious npm...

MAL-2025-6469 Malicious code in browser-history-analysis (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 032a326beadf36ce66d29555a7dacc90d6dfc733435dc61852cbc1e5128ee73d When starting the server with expected functionality with potentially sensitive content, the package silently sends the location external IP to a remote...