#npm

[ follow ]
#malware
Node JS
fromThe Hacker News
1 month ago

Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems

Three malicious npm packages disguised as a Telegram bot library have been found, containing SSH backdoors and data exfiltration functionalities.
Node JS
fromDeveloper Tech News
1 week ago

60 malicious npm packages caught mapping developer networks

A coordinated malware campaign is targeting npm packages to gather intelligence on developer networks.
Node JS
fromBleepingComputer
1 week ago

Dozens of malicious packages on NPM collect host and network data

60 malicious NPM packages were found that collect sensitive data and send it to threat actors through Discord webhooks.
Threat actors employed names similar to legitimate packages to deceive developers and infiltrate systems.
Node JS
fromThe Hacker News
1 month ago

North Korean Hackers Deploy BeaverTail Malware via 11 Malicious npm Packages

North Korean threat actors are using npm packages to spread BeaverTail malware and a new RAT loader, indicating advanced obfuscation techniques.
Node JS
fromDeveloper Tech News
22 hours ago

Package lurking in npm for six years waits to destroy your work

A malicious npm package, disguised as a legitimate tool, has been uncovered, potentially endangering numerous projects.
The xlsx-to-json-lh package highlights vulnerabilities in package management due to misleading naming.
Information security
fromThe Hacker News
6 months ago

XML-RPC npm Library Turns Malicious, Steals Data, Deploys Crypto Miner

A software supply chain attack on npm packages has persisted for over a year, embedding malware that steals data and mines cryptocurrency.
Node JS
fromThe Hacker News
1 month ago

Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems

Three malicious npm packages disguised as a Telegram bot library have been found, containing SSH backdoors and data exfiltration functionalities.
Node JS
fromDeveloper Tech News
1 week ago

60 malicious npm packages caught mapping developer networks

A coordinated malware campaign is targeting npm packages to gather intelligence on developer networks.
Node JS
fromBleepingComputer
1 week ago

Dozens of malicious packages on NPM collect host and network data

60 malicious NPM packages were found that collect sensitive data and send it to threat actors through Discord webhooks.
Threat actors employed names similar to legitimate packages to deceive developers and infiltrate systems.
Node JS
fromThe Hacker News
1 month ago

North Korean Hackers Deploy BeaverTail Malware via 11 Malicious npm Packages

North Korean threat actors are using npm packages to spread BeaverTail malware and a new RAT loader, indicating advanced obfuscation techniques.
Node JS
fromDeveloper Tech News
22 hours ago

Package lurking in npm for six years waits to destroy your work

A malicious npm package, disguised as a legitimate tool, has been uncovered, potentially endangering numerous projects.
The xlsx-to-json-lh package highlights vulnerabilities in package management due to misleading naming.
Information security
fromThe Hacker News
6 months ago

XML-RPC npm Library Turns Malicious, Steals Data, Deploys Crypto Miner

A software supply chain attack on npm packages has persisted for over a year, embedding malware that steals data and mines cryptocurrency.
fromInfoWorld
10 months ago

Deno boosts dependency management with JSR

Deno 1.42 includes major updates for Node.js and NPM compatibility, enhancing modules such as async_hooks, crypto, and worker_threads for improved performance.
Node JS
#nodejs
Node JS
fromInfoWorld
3 weeks ago

Node.js 24 drops MSVC support

Node.js 24 brings significant updates to the V8 engine and NPM, crucial for JavaScript development.
Node JS
fromInfoWorld
3 weeks ago

Node.js 24 drops MSVC support

Node.js 24 brings significant updates to the V8 engine and NPM, crucial for JavaScript development.
fromThe Hacker News
1 month ago

Malicious npm Package Targets Atomic Wallet, Exodus Users by Swapping Crypto Addresses

Effectively, a victim who tried to send crypto funds to another crypto wallet would have the intended wallet destination address swapped out for one belonging to the malicious actor.
Node JS
JavaScript
fromHackernoon
3 years ago

How to Automatically Publish Your NPM Package Using GitHub Actions | HackerNoon

Automating npm package publishing through CI/CD increases quality, ensures consistent versioning, and streamlines collaboration among contributors.
[ Load more ]