2 matches found
MAL-2026-1538 Malicious code in vue-scoped-css (npm)
The package 'vue-scoped-css' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server npm.jpartifacts.co...
Malicious code in vue-scoped-css (npm)
The package 'vue-scoped-css' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server npm.jpartifacts.co...