Tag: NPM package

Cybersecurity researchers have discovered a malicious package on the npm package registry designed to deploy a remote access trojan (RAT)...

The OpenSSF Package Analysis team has introduced the groundbreaking "Malicious Packages Repository," marking the launch of the first open-source system

A wave of malicious npm and PyPI packages has emerged, posing a serious threat to software developers. This campaign, which commenced on September 12

A recent discovery by cybersecurity researchers has unveiled a new threat in the npm package registry, as a fresh wave of malicious npm packages

Phylum has been engaged in uncovering and reporting on a string of malware campaigns that have targeted open-source ecosystems in recent weeks

An ongoing threat involving malicious npm packages has emerged, aiming to compromise developers and pilfer valuable source code and configuration files

More than a dozen malicious npm packages have emerged on the npm package repository in August 2023, designed to deploy an open-source information stealer

The npm package registry has become the focal point of a meticulously targeted attack campaign, designed to lure developers.

Researchers have identified a concerning development in the cybersecurity landscape, uncovering a collection of malicious packages within the npm package

A security researcher and system administrator have addressed the issue of "manifest confusion" in packages from the NPM JavaScript software registry