#npm-packages

[ follow ]
#malware #cybersecurity #supply-chain-attack #supply-chain-attacks #sap #credential-theft #axios #unc1069
Information security
fromTheregister
2 days ago

Ongoing supply chain attacks worm into SAP npm packages

Supply chain attacks have compromised multiple npm packages, including those from SAP and Intercom, with credential-stealing malware affecting developers.
#cybersecurity
Information security
fromThe Hacker News
3 days ago

SAP npm Packages Compromised by "Mini Shai-Hulud" Credential-Stealing Malware

A new supply chain attack campaign targets SAP-related npm packages with credential-stealing malware, affecting multiple versions and compromising developer environments.
Information security
fromThe Hacker News
1 month ago

Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages

A supply chain attack on Trivy scanner has led to the emergence of CanisterWorm, compromising numerous npm packages.
Information security
fromThe Hacker News
3 days ago

SAP npm Packages Compromised by "Mini Shai-Hulud" Credential-Stealing Malware

A new supply chain attack campaign targets SAP-related npm packages with credential-stealing malware, affecting multiple versions and compromising developer environments.
Information security
fromThe Hacker News
1 month ago

Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages

A supply chain attack on Trivy scanner has led to the emergence of CanisterWorm, compromising numerous npm packages.
more#cybersecurity
Information security
fromTechzine Global
1 month ago

North Korea behind social engineering attack on Axios project

Attackers compromised the Axios maintainer's account through social engineering, publishing malicious versions that installed a Remote Access Trojan on victims' systems.
fromInfoWorld
4 months ago

Deno adds tool to run NPM and JSR binaries

Deno 2.6, the latest version of the TypeScript, JavaScript, and WebAssembly runtime, adds a tool, called dx, to run binaries from NPM and JSR (JavaScript Registry) packages. The update to the Node.js rival was announced December 10; installation instructions can be found at docs.deno.com. Current users can upgrade by running the deno upgrade command in their terminal.
Node JS
[ Load more ]