News
A new self-replicating worm dubbed Shai-Hulud has compromised over 180 npm packages, stealing credentials and spreading ...
The Register on MSN
Self-propagating worm fuels latest npm supply chain compromise
Intrusions bear the same hallmarks as recent Nx mess The npm platform is the target of another supply chain attack, with ...
Researchers at Socket, a cybersecurity firm specializing in protection against supply chain attacks, and crypto security specialist Scam Sniffer both sounded alarms today, warning that the popular ...
Dozens of npm libraries, including a color library with over 2 million downloads a week, have been replaced with novel ...
On September 8, several popular npm packages were compromised after a successful phishing attack on a maintainer account.
A new piece of malware is spreading through the popular tinycolor NPM library and more than 300 other packages, some of which ...
Threat actors injected malicious code into multiple popular NPM packages after their maintainers fell for a well-crafted ...
A new supply chain attack on npm, the node package manager, has injected the first malware with self-replicating worm ...
Reports surfaced that the widely used npm package @ctrl/tinycolor had been compromised by Wormable Malware as part of a ...
"debug" package attack failed; malicious update detected early, minimal impact. Developers urged to check their installations ...
Results that may be inaccessible to you are currently showing.
Hide inaccessible results
Feedback