{"id":5974,"date":"2025-10-30T12:11:33","date_gmt":"2025-10-30T12:11:33","guid":{"rendered":"https:\/\/news.cybertechworld.co.in\/index.php\/2025\/10\/30\/phantomraven-malware-found-in-126-npm-packages-stealing-github-tokens-from-devs\/"},"modified":"2025-10-30T12:11:33","modified_gmt":"2025-10-30T12:11:33","slug":"phantomraven-malware-found-in-126-npm-packages-stealing-github-tokens-from-devs","status":"publish","type":"post","link":"https:\/\/news.cybertechworld.co.in\/index.php\/2025\/10\/30\/phantomraven-malware-found-in-126-npm-packages-stealing-github-tokens-from-devs\/","title":{"rendered":"PhantomRaven Malware Found in 126 npm Packages Stealing GitHub Tokens From Devs"},"content":{"rendered":"<p>\u200bCybersecurity researchers have uncovered yet another active software supply chain attack campaign targeting the npm registry with over 100 malicious packages that can steal authentication tokens, CI\/CD secrets, and GitHub credentials from developers&#8217; machines.<br \/>\nThe campaign has been codenamed PhantomRaven by Koi Security. The activity is assessed to have begun in August 2025, when the first\u00a0Cybersecurity researchers have uncovered yet another active software supply chain attack campaign targeting the npm registry with over 100 malicious packages that can steal authentication tokens, CI\/CD secrets, and GitHub credentials from developers&#8217; machines.<br \/>\nThe campaign has been codenamed PhantomRaven by Koi Security. The activity is assessed to have begun in August 2025, when the first\u00a0\u00a0The Hacker News<\/p>","protected":false},"excerpt":{"rendered":"<p>\u200bCybersecurity researchers have uncovered yet another active software supply chain attack campaign targeting the npm registry with over 100 malicious packages that can steal authentication tokens, CI\/CD secrets, and GitHub credentials from developers&#8217; machines. The campaign has been codenamed PhantomRaven by Koi Security. The activity is assessed to have begun in August 2025, when the&hellip;&nbsp;<a href=\"https:\/\/news.cybertechworld.co.in\/index.php\/2025\/10\/30\/phantomraven-malware-found-in-126-npm-packages-stealing-github-tokens-from-devs\/\" class=\"\" rel=\"bookmark\">Read More &raquo;<span class=\"screen-reader-text\">PhantomRaven Malware Found in 126 npm Packages Stealing GitHub Tokens From Devs<\/span><\/a><\/p>\n","protected":false},"author":0,"featured_media":5975,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"neve_meta_sidebar":"","neve_meta_container":"","neve_meta_enable_content_width":"","neve_meta_content_width":0,"neve_meta_title_alignment":"","neve_meta_author_avatar":"","neve_post_elements_order":"","neve_meta_disable_header":"","neve_meta_disable_footer":"","neve_meta_disable_title":"","_themeisle_gutenberg_block_has_review":false,"footnotes":""},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts\/5974"}],"collection":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/comments?post=5974"}],"version-history":[{"count":0,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts\/5974\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/media\/5975"}],"wp:attachment":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/media?parent=5974"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/categories?post=5974"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/tags?post=5974"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}