Dozens of Red Hat packages backdoored through its official NPM channel

Official Red Hat NPM accounts have been compromised and used to push a malicious worm that spreads from machine to machine, ...
The Hacker News

Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets

Malicious Sicoob.Sdk stole PFX certificates and client IDs via NuGet downloads, enabling API impersonation and payment abuse risks.