A new self-replicating worm dubbed Shai-Hulud has compromised over 180 npm packages, stealing credentials and spreading ...
Billions (No, that's not a typo, Billions with a capital B) of files were potentially compromised. If you thought Node Package Manager (npm), the Billions of downloads were potentially compromised ...
A Dune-inspired worm recently hit CrowdStrike and npm, infecting hundreds of packages. Here's what happened - and how to protect your code.
Qix is an open source maintainer account that was compromised by a phishing attack. This allowed attackers to infect 18 popular npm packages with malicious code. Together, these packages are ...
Halud, is compromising hundreds of NPM packages, spreading self-replicating malware, exfiltrating data, and turning private ...
Shai-Hulud is the third major supply chain attack targeting the NPM ecosystem after the s1ngularity attack and the recent compromise of Josh Junon (Qix), the maintainer of 18 NPM packages that have ...
Hardly a week goes by that there isn’t a story to cover about malware getting published to a repository. Last week it was ...
“The compromised account belonged to a well-known JavaScript developer,” Guillemet said, noting how widely used open-source ...
A new digital supply chain attack has targeted popular open-source npm packages with at least two billion downloads per week. On Sept. 8, Josh Junon, a package maintainer whose account was at the ...
"After detecting several malicious Node Package Manager (NPM) packages in the public NPM registry, a third-party open source ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback