Security researchers found 3 npm packages that installed NodeCordRAT malware, stealing browser data, crypto wallet secrets & ...
A new Shai-Hulud npm strain and a fake Jackson Maven package show how attackers abuse trusted dependencies to steal secrets ...
The security team behind the "npm" repository for JavaScript libraries removed two npm packages this Monday for containing malicious code that installed a remote access trojan (RAT) on the computers ...
A new strain of the Shai Hulud worm is discovered by researchers, signaling the self-propagating supply chain threat ...
New malicious NPM packages have been discovered that install the njRAT remote access trojan that allows hackers to gain control over a computer. NPM is a JavaScript package manager that allows ...
A new supply-chain attack compromised at least 187 npm packages, targeting developer secrets across software projects Shai-Hulud worm looks to steal credentials, modify packages, and spread malware ...
Three JavaScript packages have been removed from the npm portal on Thursday for containing malicious code. According to advisories from the npm security team, the three JavaScript libraries opened ...
Since the beginning of July, packages with well-hidden malicious code have been available in the JavaScript package manager npm. The company Socket, which specializes in software supply chain security ...
The Node Package Manager, NPM, has become a powerful and important tool, supporting many different JavaScript frameworks — including JQuery, AngularJS, and React JS. If you’re building JavaScript ...
A significant percentage of the 50,000 most-downloaded npm packages are deprecated or have a deprecated dependency but provide no warning. Security researchers warn that many npm packages are being ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback