Bleeping Computer

Popular npm linter packages hijacked via phishing to drop malware

Popular JavaScript libraries were hijacked this week and turned into malware droppers, in a supply chain attack achieved via targeted phishing and credential theft. The attacker(s) used stolen ...
CSOonline

Prettier-ESLint npm packages hijacked in a sophisticated supply chain attack

Popular configuration packages for integrating Prettier with ESLint, the widely used code formatting tools within JavaScript and TypeScript projects, were hijacked after a maintainer fell victim to a ...