News

Popular NPM packages with over a million downloads hit by malware
NPM packages with more than a million weekly downloads were compromised to deliver a RAT The attack could turn into a major supply chain attack, experts warned The packages were since deprecated, but ...
The Hacker News8d
PyPI, npm, and AI Tools Exploited in Malware Surge Targeting DevOps and Cloud Environments
Malware-laced PyPI and npm packages steal developer credentials, CI/CD data, and crypto wallets. Attacks target macOS, AI ...
InfoQ7d
Deno 2.3 Now Supports Local NPM Packages
Deno Land recently released Deno 2.3, an update of the Deno runtime that adds support for local NPM packages. Deno 2.3 also ...
CSO Online14d
New npm threats can erase production systems with a single request
The packages carry backdoors that first collect environment information and then delete entire application directories.
What is a supply chain attack in crypto and how to prevent it?
Discover how supply chain attacks target crypto projects through third-party tools, and learn key strategies to protect code, infrastructure and users.