fromThe Hacker News3 weeks agoNorth Korean Hackers Flood npm Registry with XORIndex Malware in Ongoing Attack CampaignNorth Korean threat actors are deploying malicious npm packages as part of ongoing software supply chain attacks against the open-source ecosystem.
Information securityfromThe Hacker News4 months agoNine-Year-Old npm Packages Hijacked to Exfiltrate API Keys via Obfuscated ScriptsSeveral legitimate cryptocurrency packages on npm have been hijacked to steal sensitive information from compromised systems.