npm

npm ecosystem tag

PhantomRaven Malware Found in 126 npm Packages, Stealing GitHub Tokens

Nov 15, 2025

—

by

Reza Rafati

in Cyber News & Updates

PhantomRaven exploits npm packages to steal GitHub tokens and CI/CD secrets, Koi Security says.