Yet another supply chain attack has hit the npm registry in what Amazon describes as "one of the largest package flooding ...
The lurking code-bombs lift Discord tokens from users of any applications that pulled the packages into their code bases. A series of malicious packages in the Node.js package manager (npm) code ...
A hacker has gained access to a developer's npm account and injected malicious code into a popular JavaScript library, code that was designed to steal the npm credentials of users who utilize the ...
Seven packages published on the Node Package Manager (npm) registry use the Adspect cloud-based service to separate ...
A threat actor has published tens of thousands of malicious NPM packages that contain a self-replicating worm, security ...
Bad actors using typo-squatting place 39 malicious packages in npm that went undetected for two weeks. How should the open source community respond? Software development relies heavily on trust, ...
More than 150,000 malicious packages were published in the NPM registry as part of a recently uncovered spam campaign, Amazon ...
“After GlassWorm showed how quickly a malicious package could self-replicate across npm, and the chalk/debug hijacking ...
The coordinated campaign has so far published as many as 46,484 packages, according to SourceCodeRED security researcher Paul ...
Results that may be inaccessible to you are currently showing.
Hide inaccessible results
Feedback