NPM Worm Hits Namastex Packages, Steals Secrets Across Registries
A newly uncovered npm malware campaign is targeting packages linked to Namastex Labs, abusing developer trust to steal sensitive secrets and silently spread across both npm and PyPI ecosystems. The malicious activity centers on Namastex.ai, a company that promotes AI consulting services and autonomo
ORIGINAL SOURCE →via GBHackers Security
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Hamas organizing pro-Palestinian protests, raising funds in Netherlands, Dutch intelligence says
- [CYBER] CVE-2026-7112 - NousResearch hermes-agent API_SERVER_KEY api_server.py _check_auth improper authentication
- [CYBER] CVE-2026-33454 - Apache Camel: Inbound Header Filter Missing in MailHeaderFilterStrategy Allows Remote Code Execution via MIME Header Injection (CVE-2025-30177 Variant)
- [CYBER] CVE-2026-40022 - Apache Camel Platform HTTP Main: Authentication Bypass on Non-Root Context Paths in camel main runtime
- [CYBER] CVE-2026-40858 - Apache Camel: Camel-Infinispan: Unsafe Deserialization in Remote Aggregation Repository
- [CYBER] CVE-2026-7110 - code-projects Invoice System in Laravel item cross site scripting