pull down to refresh

Bogus npm Packages Used to Trick Software Developers into Installing Malwarethehackernews.com/2024/04/bogus-npm-packages-used-to-trick.html?m=1
42 sats \ 1 comment \ @ch0k1 28 Apr 2024 security
related
10 npm Packages Caught Stealing Developer Credentials on Windows, macOS & Linuxthehackernews.com/2025/10/10-npm-packages-caught-stealing.html
10 sats \ 0 comments \ @ch0k1 29 Oct 2025 security
Malicious npm Packages Found Using Image Files to Hide Backdoor Codethehackernews.com/2024/07/malicious-npm-packages-found-using.html?m=1
23 sats \ 0 comments \ @ch0k1 19 Jul 2024 news
North Korean Hackers Targeting Developers with Malicious npm Packagesthehackernews.com/2024/02/north-korean-hackers-targeting.html
23 sats \ 0 comments \ @doofus 28 Feb 2024 security
Malicious npm Packages Infect 3,200+ Cursor Users With Backdoorthehackernews.com/2025/05/malicious-npm-packages-infect-3200.html
24 sats \ 0 comments \ @ch0k1 11 May 2025 news
Self-Replicating Worm Hits 180+ Software Packageskrebsonsecurity.com/2025/09/self-replicating-worm-hits-180-software-packages/
50 sats \ 0 comments \ @ch0k1 16 Sep 2025 news
NPM hack was mentioned multiple times on SN before yesterday
130 sats \ 4 comments \ @h6j5dhc567g 9 Sep 2025 bitdevs
Malicious Microsoft VSCode extensions target devs, crypto communitywww.bleepingcomputer.com/news/security/malicious-microsoft-vscode-extensions-target-devs-crypto-community/
30 sats \ 0 comments \ @ch0k1 18 Dec 2024 security
Over 100,000 Infected Repos Found on GitHub
1687 sats \ 6 comments \ @0xbitcoiner 29 Feb 2024 security
NPM security: preventing supply chain attacks | Snyk (2022)snyk.io/blog/npm-security-preventing-supply-chain-attacks/
417 sats \ 20 comments \ @ek 9 Sep 2025 security
100+ backdoored malware repos traced to single GitHub userwww.theregister.com/2025/06/05/backdoored_malware_repos
51 sats \ 1 comment \ @Coinsreporter 5 Jun 2025 security
Hugging Face, the GitHub of AI, Hosted Code That Backdoored User Devicesarstechnica.com/security/2024/03/hugging-face-the-github-of-ai-hosted-code-that-backdoored-user-devices/
71 sats \ 1 comment \ @0xbitcoiner 3 Mar 2024 security
Beware of Fake Online Speedtest Application With Obfuscated JS Codescybersecuritynews.com/beware-of-fake-online-speedtest-application/
102 sats \ 0 comments \ @ch0k1 29 Sep 2025 news
Self Propagating NPM Malware Compromises over 40 Packageswww.stepsecurity.io/blog/ctrl-tinycolor-and-40-npm-packages-compromised
100 sats \ 0 comments \ @hn 16 Sep 2025 tech
We Just Found Malicious Code in the Popular NPM Packagejdstaerk.substack.com/p/we-just-found-malicious-code-in-the
1397 sats \ 18 comments \ @kristapsk 8 Sep 2025 security
PhantomRaven: NPM Malware Hidden in Invisible Dependencieswww.koi.ai/blog/phantomraven-npm-malware-hidden-in-invisible-dependencies
289 sats \ 2 comments \ @kepford 30 Oct 2025 security
NPM debug and chalk packages compromisedwww.aikido.dev/blog/npm-debug-and-chalk-packages-compromised
233 sats \ 0 comments \ @hn 8 Sep 2025 tech
'Sha1-Hulud' npm malware is back
157 sats \ 0 comments \ @anon 28 Nov 2025 lightning
Malicious VSCode extensions with millions of installs discoveredwww.bleepingcomputer.com/news/security/malicious-visual-studio-code-extensions-with-millions-of-installs-discovered/
370 sats \ 0 comments \ @Rsync25 9 Jun 2024 security
Npm Run Hack:Me - A Supply Chain Attack Journeyrxj.dev/posts/npm-run-hack-supply-chain-attack-journey/
161 sats \ 1 comment \ @k00b 12 Mar 2025 devs
Official NPM package for XRP infected with crypto stealing backdoorwww.aikido.dev/blog/xrp-supplychain-attack-official-npm-package-infected-with-crypto-stealing-backdoor
12 sats \ 0 comments \ @carter 22 Apr 2025 security
Tinycolor npm Package Compromised in (another) Supply Chain Attacksocket.dev/blog/tinycolor-supply-chain-attack-affects-40-packages
953 sats \ 3 comments \ @aljaz 16 Sep 2025 security