Researchers uncovered a large-scale cryptocurrency mining campaign targeting the NPM JavaScript package repository. Checkmarx researchers spotted a new large-scale cryptocurrency…
Researchers from ReversingLabs discovered tens of malicious NPM packages stealing data from apps and web forms. Researchers from ReversingLabs discovered…
Researches from cybersecurity firm JFrog found 17 malicious packages on the NPM package repository hijacking Discord servers. JFrog researchers have…
Maintainers of the npm package manager for the JavaScript programming language disclosed multiple flaws that were recently addressed. GitHub disclosed two major vulnerabilities…
The U.S. CISA warned of crypto-mining malware hidden in a popular JavaScript NPM library, named UAParser.js, which has millions of weekly downloads.…
Experts found a critical flaw, tracked as CVE-2021-23406, in the popular NPM package 'Pac-Resolver' that has millions of downloads every week.…
npm security staff removed two packages that contained malicious code to install the njRAT remote access trojan (RAT) on developers'…
Sonatype’s deep dive research allowed to identify a new family of Discord malware called CursedGrabber. Sonatype has discovered more malware…
The npm security team removed a malicious JavaScript library from the npm repository that was designed to steal sensitive files…
NPM, the biggest package manager for JavaScript libraries, has addressed a vulnerability that could be exploited to execute "binary planting"…
This website uses cookies.