27 Malicious npm Packages Used as Phishing Infrastructure to Steal Login Credentials
James Bond game 007 First Light delayed to May 2026
In December 2024, the popular Ultralytics AI library was compromised, installing malicious code that hijacked system resources for cryptocurrency mining. In August 2025, malicious Nx packages leaked 2,349 GitHub, cloud, and AI credentials. Throughout 2024, ChatGPT vulnerabilities allowed unauthorized extraction of user data from AI memory. The result: 23.77 million secrets were leaked through AI
Original aticle here: Feedburner
