Malicious packages in the NPM designed for highly-targeted attacks
Researchers discovered a new set of malicious packages on the npm package manager that can…
4 months ago
npm
NPM packages found containing the TurkoRat infostealer
Experts discovered two malicious packages in the npm package repository, both were laced with an…
7 months ago
Large-scale cryptomining campaign is targeting the NPM JavaScript package repository
Researchers uncovered a large-scale cryptocurrency mining campaign targeting the NPM JavaScript package repository. Checkmarx researchers…
1 year ago
Malicious NPM packages used to grab data from apps, websites
Researchers from ReversingLabs discovered tens of malicious NPM packages stealing data from apps and web…
1 year ago
Tens of malicious NPM packages caught hijacking Discord servers
Researches from cybersecurity firm JFrog found 17 malicious packages on the NPM package repository hijacking…
2 years ago
GitHub addressed two major vulnerabilities in the NPM package manager
Maintainers of the npm package manager for the JavaScript programming language disclosed multiple flaws that were recently addressed.…
2 years ago
Supply-chain attack on NPM Package UAParser, which has millions of daily downloads
The U.S. CISA warned of crypto-mining malware hidden in a popular JavaScript NPM library, named UAParser.js, which…
2 years ago
Popular NPM package Pac-Resolver affected by a critical flaw
Experts found a critical flaw, tracked as CVE-2021-23406, in the popular NPM package 'Pac-Resolver' that has…
2 years ago
Malicious npm packages spotted delivering njRAT Trojan
npm security staff removed two packages that contained malicious code to install the njRAT remote…
3 years ago
Massive threat campaign strikes open-source repos, Sonatype spots new CursedGrabber malware
Sonatype’s deep dive research allowed to identify a new family of Discord malware called CursedGrabber.…
3 years ago
This website uses cookies.