Nieuws

Security Boulevard4d

How One Phishing Email Compromised 18 npm Packages and Billions of Installs

On September 8, 2025, a single phishing email triggered one of npm’s most damaging supply chain attacks, compromising 18 ...

Software packages with more than 2 billion weekly downloads hit in supply-chain attack

Hackers planted malicious code in open source software packages with more than 2 billion weekly updates in what is likely to ...

Hackers hijack npm packages with 2 billion weekly downloads in supply chain attack

In a supply chain attack, attackers injected malware into NPM packages with over 2.6 billion weekly downloads after ...
Cyber Daily5d

18 popular JavaScript code packages hacked to spread malware

Multiple npm packages have been compromised by a phishing attack in an attempt to spread crypto malware to billions of victims.
Securities.io2d

NPM Supply-Chain Attack: What Happened and How to Fix It

Qix is an open source maintainer account that was compromised by a phishing attack. This allowed attackers to infect 18 popular npm packages with malicious code. Together, these packages are ...

Major attack on node.js

A cryptocurrency thief got into the npm account of a hard-working developer via spearphishing. node.js packages with billions ...
Tweakers5d

Npm-packages met 2 miljard wekelijkse downloads zijn met malware geïnfecteerd

Onbekende aanvallers hebben malware weten te injecteren in meerdere npm-packages die gezamenlijk meer dan twee miljard keer per week worden gedownload. Daarmee worden cryptovalutastelers op geïnfectee ...