Researchers expose Discord webhook C2 in npm, PyPI, RubyGems; North Korean actors published 338 malicious npm packages with ...
A phishing attack aimed at a particular software maintainer’s account has managed to compromise software packages that have over 2.6 billion weekly downloads. BleepingComputer, noting that the ...
Hackers broke into the node package manager (NPM) account of a well-known software developer and added malware to popular JavaScript libraries, targeting crypto wallets. ”Picture this: you compromise ...
A new supply chain attack on npm, the node package manager, has injected the first malware with self-replicating worm behaviour into the JavaScript software registry, security firms say. Security ...
Various IT security companies are warning of new attacks on the npm ecosystem around node.js. Several dozen packages (at least 40, in one report as many as 150) are infected with malware that steals ...
CERT-In has issued an advisory warning of Shai-Hulud malware that targets JavaScript’s Node Package Manager (npm) ecosystem ...
The breach hit core JavaScript libraries such as chalk and strip-ansi, downloaded billions of times each week, raising alarms over the security of open-source software. Hackers have compromised widely ...
NodeSource’s Certified Modules service, intended to ensure the safety of NPM modules, becomes generally available on Thursday. Previously available only in a private beta stage, the service for ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback