News

More popular npm packages hijacked to spread malware
Several popular npm packages with millions of weekly downloads were targeted, and one used as a launchpad for malware ...
CSO Online1d
Prettier-ESLint npm packages hijacked in a sophisticated supply chain attack
DLL-based malware targets Windows users after a phishing campaign tricked the maintainer into leaking a token.
Popular npm linter packages hijacked via phishing to drop malware
Popular JavaScript libraries eslint-config-prettier and eslint-plugin-prettier were hijacked this week and turned into ...
The Hacker News3d
Malware Injected into 5 npm Packages After Maintainer Tokens Stolen in Phishing Attack
npm packages hit by phishing-based supply chain attack, exposing developers to malware and remote access threats.
North Korean XORIndex malware hidden in 67 malicious npm packages
North Korean threat actors planted 67 malicious packages in the Node Package Manager (npm) online repository to deliver a new ...
North Korean hackers release malware-ridden packages into npm registry
Uploading malicious code to npm is just a setup. The real attack most likely happens elsewhere - on LinkedIn, Telegram, or ...
GovInfoSecurity7d
North Korea Floods npm Registry with Malware
North Korean threat actors escalated their software supply chain attacks by uploading 67 new malicious packages to the npm ...
The Hacker News8d
North Korean Hackers Flood npm Registry with XORIndex Malware in Ongoing Attack Campaign
North Korean hackers continue attacking open-source software via npm packages. 67 new malicious packages with XORIndex Loader ...
Business Insider6y
NPM Co-Founder and Chief Data Officer Laurie Voss Resigns - Business ...
NPM co-founder Isaac Schlueter, who was the CEO until he was replaced by Bryan Bogensberger, remains as the company's chief product officer. Visit Business Insider's homepage for more stories.