Skip to content
The Nexus
DossierENTITY

Moshe Siman Tov Bustan

Coverage of Moshe Siman Tov Bustan in the Nexus archive.

Earliest in view: May 18 · 22:07 UTCMost recent: May 27 · 20:33 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYMay 27 · 20:33 UTCTHE REGISTER
    Malware dev tries to steal Claude users' secrets, writes npm slop, leaks own GitHub private token

    A malware package named 'mouse5212-super-formatter' targeting Claude users was removed from npm after 676 downloads. It leaked the attacker's GitHub private token, enabling researchers to trace stolen files. The malware, analyzed by OX Security, exfiltrates sensitive data via GitHub and uses deceptive techniques to avoid detection.

  • SECURITYMay 22 · 18:57 UTCTHE REGISTER
    Megalodon chums the waters in 5.5K+ GitHub repo poisonings

    A malware campaign called Megalodon poisoned over 5,500 GitHub repositories with CI/CD credential-stealing malware, stealing AWS keys, Google Cloud tokens, and other sensitive credentials. The attack, discovered by SafeDep researchers, was distributed through a compromised Tiledesk package on npm, marking an escalation in supply chain attacks targeting developers.

  • SECURITYMay 18 · 22:07 UTCTHE REGISTER
    Shai-Hulud copycat worm infects yet another npm package

    A Shai-Hulud copycat worm has been found in another npm package, chalk-tempalte, which is a malicious extension of the popular JavaScript library Chalk. The poisoned package contains a clone of Shai-Hulud, which steals secrets and sends them to a remote server. Four malicious packages have been detected, with a total of 2,678 weekly downloads.

Moshe Siman Tov Bustan · Dossier · The Nexus