Articles tagged malware on devtake.dev.https://devtake.dev/en-ushttps://devtake.dev/article/npm-registry-supply-chain-wave/https://devtake.dev/article/npm-registry-supply-chain-wave/A worm hijacked Red Hat's npm namespace, a rootkit spread through 1,500 Arch AUR packages, and a SOC 2-certified AI gateway shipped malware. Registries are under fire.Sat, 13 Jun 2026 12:45:00 GMTsecuritysecuritysupply-chainnpmopen-sourcemalwareluca-reinhardthttps://devtake.dev/article/minecraft-weedhack-malware/https://devtake.dev/article/minecraft-weedhack-malware/McAfee says a free malware-as-a-service stealer called WeedHack has hit 116,000+ Minecraft systems via fake mods and cheats. Here's what it grabs and how to clean up.Wed, 03 Jun 2026 11:00:00 GMTgaminggamingminecraftmalwaresecuritycredential-theftinfostealersupply-chainhiro-tanakahttps://devtake.dev/article/daemon-tools-supply-chain-backdoor/https://devtake.dev/article/daemon-tools-supply-chain-backdoor/Kaspersky pinned a supply-chain attack on the DAEMON Tools installer dating to April 8. Thousands hit globally, dozens upgraded to a QUIC RAT implant via signed binaries.Wed, 06 May 2026 10:15:00 GMTsecuritysecuritysupply-chaindaemon-toolsmalwarekasperskyquic-ratcode-signingwindowsluca-reinhardthttps://devtake.dev/article/gpt-proxy-npm-supply-chain/https://devtake.dev/article/gpt-proxy-npm-supply-chain/Aikido found a stage-2 Go binary inside two health-check-themed packages that runs an OpenAI-compatible router routing Claude, GPT, and Gemini traffic through Chinese aggregators.Sat, 25 Apr 2026 07:30:00 GMTsecuritysupply-chainnpmpypiai-securitymalwarellmchinacredential-theftluca-reinhardt