A threat actor has published tens of thousands of malicious NPM packages that contain a self-replicating worm, security ...
Yet another supply chain attack has hit the npm registry in what Amazon describes as "one of the largest package flooding ...
Cybersecurity researchers have discovered a set of seven npm packages published by a single threat actor that leverages a ...
More than 150,000 malicious packages were published in the NPM registry as part of a recently uncovered spam campaign, Amazon ...
Seven packages published on the Node Package Manager (npm) registry use the Adspect cloud-based service to separate ...
The coordinated campaign has so far published as many as 46,484 packages, according to SourceCodeRED security researcher Paul ...
“After GlassWorm showed how quickly a malicious package could self-replicate across npm, and the chalk/debug hijacking ...
The Register on MSN
Invisible npm malware pulls a disappearing act – then nicks your tokens
PhantomRaven slipped over a hundred credential-stealing packages into npm A new supply chain attack dubbed PhantomRaven has flooded the npm registry with malicious packages that steal credentials, ...
The lurking code-bombs lift Discord tokens from users of any applications that pulled the packages into their code bases. A series of malicious packages in the Node.js package manager (npm) code ...
A hacker has gained access to a developer's npm account and injected malicious code into a popular JavaScript library, code that was designed to steal the npm credentials of users who utilize the ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback