The worm, dubbed Shai-Hulud, has all the hallmarks of malware released last month as freely available open source. TeamPCP was […]
Tag: npm
NPM flooded with malicious packages downloaded more than 86,000 times
Attackers are exploiting a major weakness that has allowed them access to the NPM code repository with more than 100 […]
Software packages with more than 2 billion weekly downloads hit in supply-chain attack
Hackers planted malicious code in open source software packages with more than 2 billion weekly updates in what is likely […]
Destructive malware available in NPM repo went unnoticed for 2 years
Some of the payloads were limited to detonate only on specific dates in 2023, but in some cases a phase […]
Yearlong supply-chain attack targeting security pros steals 390K credentials
Screenshot showing a graph tracking mining activity. Credit: Checkmarx But wait, there’s more On Friday, Datadog revealed that MUT-1244 employed […]