New PhantomRaven NPM attack wave steals dev data via 88 packages

New attack waves from the 'PhantomRaven' supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers.
Microsoft

Contagious Interview: Malware delivered through fake developer job interviews

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...
NPR

Science

March 16, 2026 • It’s likely you have at least one “guilty pleasure.” Maybe it’s romance novels. Or reality TV… Playing video games… or getting swept into obscure corners of TikTok. Neuroscientists ...