News

CSO Online7h
Prettier-ESLint npm packages hijacked in a sophisticated supply chain attack
DLL-based malware targets Windows users after a phishing campaign tricked the maintainer into leaking a token.
Popular npm linter packages hijacked via phishing to drop malware
Popular JavaScript libraries eslint-config-prettier and eslint-plugin-prettier were hijacked this week and turned into ...
More popular npm packages hijacked to spread malware
A npm package maintainer has fallen victim to a phishing attackThe attackers accessed packages and updated them to carry malwareMost antivirus programs are still not properly flagging the malicious ...
The Hacker News2d
Malware Injected into 5 npm Packages After Maintainer Tokens Stolen in Phishing Attack
npm packages hit by phishing-based supply chain attack, exposing developers to malware and remote access threats.
North Korean XORIndex malware hidden in 67 malicious npm packages
North Korean threat actors planted 67 malicious packages in the Node Package Manager (npm) online repository to deliver a new ...
North Korean hackers release malware-ridden packages into npm registry
Uploading malicious code to npm is just a setup. The real attack most likely happens elsewhere - on LinkedIn, Telegram, or ...
GovInfoSecurity6d
North Korea Floods npm Registry with Malware
North Korean threat actors escalated their software supply chain attacks by uploading 67 new malicious packages to the npm ...
The Hacker News7d
North Korean Hackers Flood npm Registry with XORIndex Malware in Ongoing Attack Campaign
North Korean hackers continue attacking open-source software via npm packages. 67 new malicious packages with XORIndex Loader ...
Business Insider6y
NPM Co-Founder and Chief Data Officer Laurie Voss Resigns - Business ...
NPM co-founder Isaac Schlueter, who was the CEO until he was replaced by Bryan Bogensberger, remains as the company's chief product officer. Visit Business Insider's homepage for more stories.