#malicious-packages

[ follow ]
#cybersecurity #npm #software-supply-chain #phishing #north-korea #npm-registry #open-source-malware
#npm
fromSecuritymagazine
6 days ago
Information security

2B Weekly Downloads at Risk: Supply Chain Attack Targets Popular npm Packages, Security Leaders Discuss

Eighteen widely used npm packages were compromised via a maintainer's phishing-induced 2FA breach, risking a supply-chain attack across millions of weekly downloads.
fromThe Hacker News
5 months ago
Node JS

Malicious npm Package Targets Atomic Wallet, Exodus Users by Swapping Crypto Addresses

Attackers upload malicious npm packages to target crypto wallet software, enabling them to manipulate transactions covertly.
fromSecuritymagazine
6 days ago
Information security

2B Weekly Downloads at Risk: Supply Chain Attack Targets Popular npm Packages, Security Leaders Discuss

more#npm
Information security
fromThe Hacker News
2 months ago

North Korean Hackers Flood npm Registry with XORIndex Malware in Ongoing Attack Campaign

North Korean threat actors are deploying malicious npm packages as part of ongoing software supply chain attacks against the open-source ecosystem.
fromIT Pro
2 months ago

Developers face a torrent of malware threats as malicious open source packages surge 188%

"Attackers are no longer simply experimenting with open source. The numbers are telling us that threat actors have identified data as the most profitable target, and developers as the easiest way in."
Privacy technologies
[ Load more ]