Security News PhantomRaven attack floods npm with credential-stealing packages BleepingComputer Daniel Bender 29 Oct 2025 An active campaign named 'PhantomRaven' is targeting developers with dozens of malicious npm packages that steal authentication tokens, CI/CD secrets, and GitHub credentials.
