A supply chain attack against Crypto hardware wallet maker Ledger resulted in the theft of $600,000 in virtual assets. Threat actors…
Researchers discovered a new set of malicious packages on the npm package manager that can exfiltrate sensitive developer data. On…
Experts discovered two malicious packages in the npm package repository, both were laced with an open-source info-stealer called TurkoRat. ReversingLabs discovered…
Researchers uncovered a large-scale cryptocurrency mining campaign targeting the NPM JavaScript package repository. Checkmarx researchers spotted a new large-scale cryptocurrency…
Researchers from ReversingLabs discovered tens of malicious NPM packages stealing data from apps and web forms. Researchers from ReversingLabs discovered…
Researches from cybersecurity firm JFrog found 17 malicious packages on the NPM package repository hijacking Discord servers. JFrog researchers have…
Maintainers of the npm package manager for the JavaScript programming language disclosed multiple flaws that were recently addressed. GitHub disclosed two major vulnerabilities…
The U.S. CISA warned of crypto-mining malware hidden in a popular JavaScript NPM library, named UAParser.js, which has millions of weekly downloads.…
Experts found a critical flaw, tracked as CVE-2021-23406, in the popular NPM package 'Pac-Resolver' that has millions of downloads every week.…
npm security staff removed two packages that contained malicious code to install the njRAT remote access trojan (RAT) on developers'…
This website uses cookies.