Ten typosquatted npm packages (Jul 4, 2025) delivered a 24MB PyInstaller info stealer using 4 obfuscation layers; ~9,900 ...
Ten typosquatted npm packages delivered infostealing malware to nearly 10,000 systemsMalware targeted system keyrings, bypassing app-level security to steal decrypted credentialsAffected users must ...
The popular npm package "is" was infected with cross-platform malware, around the same time that linting utility packages used with the prettier code formatter were infected with Windows-only malware.
An advanced malware campaign on the npm registry steals the very keys that control enterprise cloud infrastructure.
Ten malicious packages mimicking legitimate software projects in the npm registry download an information-stealing component ...
The npm packages were available since July, have elaborately obfuscated malicious routines, and rely on a fake CAPTCHA to ...
NPM has removed multiple packages hosted on its repository this week that established connection to remote servers and exfiltrated user data. These 4 packages had collected over 1,000 total downloads ...
The typosquatted packages auto-execute on installation, fingerprint victims by IP, and deploy a PyInstaller binary to harvest ...
Researchers say the malware was in the repository for two weeks, advise precautions to defend against malicious packages.
Researchers outline how the PhantomRaven campaign exploits hole in npm to enable software supply chain attacks.
Three JavaScript packages have been removed from the npm portal on Thursday for containing malicious code. According to advisories from the npm security team, the three JavaScript libraries opened ...
Results that may be inaccessible to you are currently showing.
Hide inaccessible results
Feedback