#malicious-packages

[ follow ]
fromThe Hacker News
2 weeks ago

North Korean Hackers Flood npm Registry with XORIndex Malware in Ongoing Attack Campaign

North Korean threat actors are deploying malicious npm packages as part of ongoing software supply chain attacks against the open-source ecosystem.
fromIT Pro
3 weeks ago

Developers face a torrent of malware threats as malicious open source packages surge 188%

"Attackers are no longer simply experimenting with open source. The numbers are telling us that threat actors have identified data as the most profitable target, and developers as the easiest way in."
Privacy technologies
fromThe Hacker News
3 months ago

Malicious npm Package Targets Atomic Wallet, Exodus Users by Swapping Crypto Addresses

Attackers upload malicious npm packages to target crypto wallet software, enabling them to manipulate transactions covertly.
Information security
fromTechzine Global
3 months ago

AI is making the software supply chain more perilous than ever

The JFrog report highlights security risks in the software supply chain, detailing threats from vulnerabilities, malicious packages, exposed secrets, and human error.
[ Load more ]