News

SecurityWeek1d

Highly Popular NPM Packages Poisoned in New Supply Chain Attack

Threat actors injected malicious code into multiple popular NPM packages after their maintainers fell for a well-crafted ...

Software packages with more than 2 billion weekly downloads hit in supply-chain attack

Hackers planted malicious code in open source software packages with more than 2 billion weekly updates in what is likely to ...

Crypto stolen by hackers in largest NPM attack

Key takeawaysCybercriminals hacked 18 NPM packages of a well-known developer to conceal malware.The breach affected several ...

Hackers hijack npm packages with 2 billion weekly downloads in supply chain attack

In a supply chain attack, attackers injected malware into NPM packages with over 2.6 billion weekly downloads after ...

Hackers left empty-handed after massive NPM supply-chain attack

The largest supply-chain compromise in the history of the NPM ecosystem has impacted roughly 10% of all cloud environments, ...
The Register on MSN1d

More packages poisoned in npm attack, but would-be crypto thieves left pocket change

Miscreants cost victims time rather than money During the two-hour window on Monday in which hijacked npm versions were ...