npm | MrHacker

Attackers Flood NPM Repository with Over 15,000 Spam Packages Containing Phishing Links

In what’s a continuing assault on the open source ecosystem, over 15,000 spam packages have flooded the npm repository in an attempt...

5.1K

Malware

Malicious NPM Package Caught Mimicking Material Tailwind CSS Package

A malicious NPM package has been found masquerading as the legitimate software library for Material Tailwind, once again indicating attempts on the...

2.9K

Malware

NPM Bug Allowed Attackers to Distribute Malware as Legitimate Packages

A “logical flaw” has been disclosed in NPM, the default package manager for the Node.js JavaScript runtime environment, that enables malicious actors...

2.8K

Malware

A Large-Scale Supply Chain Attack Distributed Over 800 Malicious NPM Packages

A threat actor dubbed “RED-LILI” has been linked to an ongoing large-scale supply chain attack campaign targeting the NPM package repository by...

3.4K

Malware

Over a Dozen Malicious NPM Packages Caught Hijacking Discord Servers

At least 17 malware-laced packages have been discovered on the NPM package Registry, adding to a recent barrage of malicious software hosted...

2.5K

Malware

Malicious NPM Libraries Caught Installing Password Stealer and Ransomware

Malicious actors have yet again published two more typosquatted libraries to the official NPM repository that mimic a legitimate package from Roblox,...