A new supply-chain attack compromised at least 187 npm packages, targeting developer secrets across software projects Shai-Hulud worm looks to steal credentials, modify packages, and spread malware ...
At least 187 code packages made available through the JavaScript repository NPM have been infected with a self-replicating worm that steals credentials from developers and publishes those secrets on ...
Researchers continue to investigate a wave of malicious npm packages, with the published tally now reaching over 700. Last week, JFrog researchers disclosed the scheme in which an unknown threat actor ...
North Korean hackers intensify their efforts against blockchain and Web3 developers, using nearly 200 malicious npm packages ...
The popular NPM package 'is' has been compromised in a supply chain attack that injected backdoor malware, giving attackers full access to compromised devices. This occurred after maintainer accounts ...
North Korean attackers have delivered more than 197 malicious packages as part of ongoing state-sponsored activity to ...
Attackers increasingly are using malicious JavaScript packages to steal data, engage in cryptojacking and unleash botnets, offering a wide supply-chain attack surface for threat actors. More than ...
As poisoned software continues to pop up across the industry, some threat actors have found a way to hide malicious code in npm packages and avoid detection from most security tools. In an blog post ...
Results that may be inaccessible to you are currently showing.
Hide inaccessible results
Feedback