Cookie Consent

By clicking “Accept”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts.
View our Privacy Policy for more information.

deny icon
Deny
allow icon
Accept

Research

Safety's Cybersecurity Intelligence Team conducts industry-leading research into security best practices, software supply chain vulnerabilities, and novel attack vectors.
Research

Russian Hackers Manipulate npm to Make Realistic Packages

Safety’s malicious package detection identified a malicious npm package today named express-exp. This package was brand new, and had only one version, 1.0.1.
Read post
Open Post

All Posts

Filter by category
Russian Hackers Manipulate npm to Make Realistic Packages
Research
10 mins
April 15, 2025
Read post
Open Post
Payment processor publishes official NPM package that leaks credit card data via ngrok
Research
11 mins
April 7, 2025
Read post
Open Post
Building an Effective Engineering Career Framework: A Practical Guide
Blog
5 mins
December 11, 2024
Read post
Open Post
Critical Supply Chain Attack Targets Ultralytics AI Library
Security
6 mins
December 10, 2024
Read post
Open Post
CryptoAITools Supply Chain Attack: What It Means for Package Security
Security
4 mins
November 1, 2024
Read post
Open Post
The New Cyber Threat Landscape: Key Insights from Canada’s 2025-2026 Cyber Threat Assessment
Blog
7 mins
October 31, 2024
Read post
Open Post

Reduce vulnerability noise by 90%.
Get a demo today to learn more.

Get a Demo