Packages of a Computer

Dozens of malicious packages on NPM collect host and network data

60 packages have been discovered in the NPM index that attempt to collect sensitive host and network data and send it to a Discord webhook controlled by the threat actor. According to Socket’s Threat ...

Bleeping Computer

SSH keys stolen by stream of malicious PyPI and npm packages

A stream of malicious npm and PyPi packages have been found stealing a wide range of sensitive data from software developers on the platforms. The campaign started on September 12, 2023, and was first ...

SiliconANGLE

Massive npm hack poisons 18 packages with billions of downloads

Aikido Security Ltd. today disclosed what is being described as the largest npm supply chain compromise to date, after attackers injected malware into 18 popular packages that together account for ...

Some results have been hidden because they may be inaccessible to you

Show inaccessible results

Dozens of malicious packages on NPM collect host and network data

SSH keys stolen by stream of malicious PyPI and npm packages

Massive npm hack poisons 18 packages with billions of downloads

Trending now