Blog

Follow for the latest updates and insights on
open source security & engineering.

Latest From SafeDep

Malware

Malicious hermes-px on PyPI Steals AI Conversations

hermes-px on PyPI steals AI conversations via triple-encrypted exfiltration to Supabase, routing through a hijacked university endpoint while injecting a stolen 245KB system prompt.

Malware Security Announcements AI Engineering Technology Open Source SCA Compliance & SBOM CI/CD

Security

prt-scan: A 5-Phase GitHub Actions Credential Theft Campaign

A throwaway GitHub account submitted 219+ malicious pull requests in a single day, each carrying a 352-line payload that steals CI secrets, injects workflows, bypasses label gates, and scans /proc...

Malware

Compromised npm Package mgc Deploys Multi-Platform RAT

The npm package mgc was compromised via account takeover, with four malicious versions published in rapid succession deploying a full Remote Access Trojan targeting macOS, Windows, and Linux.

Malware

Thirty-Six Malicious npm Strapi Packages Deploy Redis RCE, Database Theft, and Persistent C2

A coordinated campaign of thirty-six malicious npm packages published by four sock-puppet accounts (umarbek1233, kekylf12, tikeqemif26, and umar_bektembiev1) targets Strapi CMS deployments with eight...

Malware

Malicious npm Package express-session-js Drops Full RAT Payload

A malicious npm package typosquatting express-session fetches and executes a full Remote Access Trojan from a paste service, targeting browser credentials, crypto wallets, SSH keys, and more.

Ship Code.

Not Malware.

Start free with open source tools on your machine. Scale to a unified platform for your organization.

Star on GitHub Book a Demo