Infosecurity-magazine.com

FortiGuard Uncovers Deceptive Install Scripts in npm Packages

A series of malicious packages hidden within the Node Package Manager (npm), the largest software registry for JavaScript, has been uncovered. According to a new advisory published by FortiGuard on ...
Bleeping Computer

NPM packages posing as speed testers install crypto miners instead

A new set of 16 malicious NPM packages are pretending to be internet speed testers but are, in reality, coinminers that hijack the compromised computer's resources to mine cryptocurrency for the ...
ZDNet

Malicious npm packages caught installing remote access trojans

The security team behind the "npm" repository for JavaScript libraries removed two npm packages this Monday for containing malicious code that installed a remote access trojan (RAT) on the computers ...