News
Qix is an open source maintainer account that was compromised by a phishing attack. This allowed attackers to infect 18 popular npm packages with malicious code. Together, these packages are ...
In a supply chain attack, attackers injected malware into NPM packages with over 2.6 billion weekly downloads after ...
Hackers launched the largest NPM crypto attack in history and compromised 18 JavaScript packages with billions of downloads.
On September 8, 2025, a single phishing email triggered one of npm’s most damaging supply chain attacks, compromising 18 ...
What could have been a historic supply chain attack seems to have been averted due to the rapid response of the open source ...
An escalating npm supply chain attack has compromised dozens of foundational JavaScript packages to spread malware and drain ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback