npm

A supply chain attack on crypto hardware wallet Ledger led to the theft of $600K

A supply chain attack against Crypto hardware wallet maker Ledger resulted in the theft of $600,000 in virtual assets. Threat actors…

6 months ago

Malicious packages in the NPM designed for highly-targeted attacks

Researchers discovered a new set of malicious packages on the npm package manager that can exfiltrate sensitive developer data. On…

11 months ago

NPM packages found containing the TurkoRat infostealer

Experts discovered two malicious packages in the npm package repository, both were laced with an open-source info-stealer called TurkoRat. ReversingLabs discovered…

1 year ago

Large-scale cryptomining campaign is targeting the NPM JavaScript package repository

Researchers uncovered a large-scale cryptocurrency mining campaign targeting the NPM JavaScript package repository. Checkmarx researchers spotted a new large-scale cryptocurrency…

2 years ago

Malicious NPM packages used to grab data from apps, websites

Researchers from ReversingLabs discovered tens of malicious NPM packages stealing data from apps and web forms. Researchers from ReversingLabs discovered…

2 years ago

Tens of malicious NPM packages caught hijacking Discord servers

Researches from cybersecurity firm JFrog found 17 malicious packages on the NPM package repository hijacking Discord servers. JFrog researchers have…

3 years ago

GitHub addressed two major vulnerabilities in the NPM package manager

Maintainers of the npm package manager for the JavaScript programming language disclosed multiple flaws that were recently addressed. GitHub disclosed two major vulnerabilities…

3 years ago

Supply-chain attack on NPM Package UAParser, which has millions of daily downloads

The U.S. CISA warned of crypto-mining malware hidden in a popular JavaScript NPM library, named UAParser.js, which has millions of weekly downloads.…

3 years ago

Popular NPM package Pac-Resolver affected by a critical flaw

Experts found a critical flaw, tracked as CVE-2021-23406, in the popular NPM package 'Pac-Resolver' that has millions of downloads every week.…

3 years ago

Malicious npm packages spotted delivering njRAT Trojan

npm security staff removed two packages that contained malicious code to install the njRAT remote access trojan (RAT) on developers'…

4 years ago

This website uses cookies.