Web Scouter
Back to News
Security NewsHighIncidentsupply chain

New PhantomRaven NPM attack wave steals dev data via 88 packages

UnknownMar 11, 2026(about 3 hours ago)

The PhantomRaven supply-chain attack is targeting JavaScript developers via malicious npm packages to exfiltrate sensitive data.

New attack waves from the 'PhantomRaven' supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers. [...]

Related News

Carbon Removals and Carbon Farming: Recent EU Developments

Unknown22 minutes ago

CLE Takeaways: Navigating the Complexities of a Merger of Equals

Unknown24 minutes ago

Aliens, Conspiracies, and Ping-Pong: Lessons Learned From the 2026 Oscar Nominees

Unknown25 minutes ago

Get Personalized Alerts

Track vendors and receive alerts when security incidents affect your supply chain.

What We Monitor

Security Incidents

Data breaches, ransomware, and unauthorized access

Vulnerabilities

CVEs and vendor security advisories

Compliance Updates

Regulatory changes and certification news

Legal News

Privacy laws and enforcement actions

Vendor Directory

Browse our directory of SaaS vendors with security documentation and compliance information.