malicious NPM packages Archives

Pierluigi Paganini September 09, 2025

Supply chain attack targets npm, +2 Billion weekly npm downloads exposed

Multiple popular npm packages were compromised in a supply chain attack after a maintainer fell for a phishing email targeting 2FA credentials. A supply chain attack compromised multiple popular npm packages with 2B weekly downloads after a maintainer fell for a phishing email mimicking npm, targeting 2FA credentials. Threat actors targeted Josh Junon’s (Qix) to […]

Pierluigi Paganini August 01, 2025

Malicious AI-generated npm package hits Solana users

AI-generated npm package @kodane/patch-manager drained Solana wallets; 1,500+ downloads before takedown on July 28, 2025. AI-generated npm package @kodane/patch-manager was flagged for hiding malicious software to drain Solana wallets. The package was uploaded on July 28, 2025, and it was downloaded more than 1,500 times before takedown. “The package @kodane/patch-manager, is a sophisticated cryptocurrency wallet […]

Pierluigi Paganini April 14, 2025

Malicious NPM packages target PayPal users

Threat actors deploy malicious NPM packages to steal PayPal credentials and hijack cryptocurrency transfers. Fortinet researchers discovered multiple malicious NPM packages that are used to target PayPal users. The packages were uploaded to the repository in early March by a threat actor known as tommyboy_h1 and tommyboy_h2, and were used to steal PayPal credentials and hijack cryptocurrency transfers. “Using PayPal-related […]