News

Malware Injected Into Code Packages That Get 2 Billion+ Downloads Each Week

An attack targeting the Node.js ecosystem was just identified — but not before it compromised 18 npm packages that account ...

Hackers left empty-handed after massive NPM supply-chain attack

The largest supply-chain compromise in the history of the NPM ecosystem has impacted roughly 10% of all cloud environments, ...
SecurityWeek13h

Highly Popular NPM Packages Poisoned in New Supply Chain Attack

Threat actors injected malicious code into multiple popular NPM packages after their maintainers fell for a well-crafted ...