The Future of Serverless Security in 2025: From Logs to Runtime Protection

XMLRPC npm Library Turns Malicious, Steals Data, Deploys Crypto Miner

Cybercriminals Exploit Popular Game Engine Godot to Distribute Cross-Platform Malware

U.S. Telecom Giant T-Mobile Detects Network Intrusion Attempts from Wireline Provider

Critical Flaw in ProjectSend Under Active Exploitation Against Public-Facing Servers

Cybersecurity researchers have uncovered a new suspicious package uploaded to the npm package registry that's designed to drop a remote access trojan (RAT) on compromised systems.
The package in question is glup-debugger-log, which targets users of the gulp toolkit by masquerading as a "logger for gulp and gulp plugins." It has been downloaded 175 times to date.
Software supply chain security

Headline

Researchers Uncover RAT-Dropping npm Package Targeting Gulp Users

The Hacker News: Latest News