#npm-packages

[ follow ]
#malware #cybersecurity #supply-chain-attack #axios #unc1069 #social-engineering #canisterworm #deno-26 #dx
Information security
fromTechzine Global
2 weeks ago

North Korea behind social engineering attack on Axios project

Attackers compromised the Axios maintainer's account through social engineering, publishing malicious versions that installed a Remote Access Trojan on victims' systems.
#cybersecurity
fromThe Hacker News
9 months ago
Node JS

North Korea-linked Supply Chain Attack Targets Developers with 35 Malicious npm Packages

A series of malicious npm packages linked to North Korean operations threaten software security by concealing harmful payloads for data theft.
fromThe Hacker News
10 months ago
Growth hacking

New Supply Chain Malware Operation Hits npm and PyPI Ecosystems, Targeting Millions Globally

A supply chain attack has compromised GlueStack packages, exposing nearly 1 million downloads to malware threats.
Information security
fromThe Hacker News
4 weeks ago

Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages

A supply chain attack on Trivy scanner has led to the emergence of CanisterWorm, compromising numerous npm packages.
more#cybersecurity
fromInfoWorld
3 months ago

Deno adds tool to run NPM and JSR binaries

Deno 2.6, the latest version of the TypeScript, JavaScript, and WebAssembly runtime, adds a tool, called dx, to run binaries from NPM and JSR (JavaScript Registry) packages. The update to the Node.js rival was announced December 10; installation instructions can be found at docs.deno.com. Current users can upgrade by running the deno upgrade command in their terminal.
Node JS
[ Load more ]