Ten typosquatted npm packages (Jul 4, 2025) delivered a 24MB PyInstaller info stealer using 4 obfuscation layers; ~9,900 ...
Ten typosquatted npm packages delivered infostealing malware to nearly 10,000 systemsMalware targeted system keyrings, bypassing app-level security to steal decrypted credentialsAffected users must ...
The popular npm package "is" was infected with cross-platform malware, around the same time that linting utility packages used with the prettier code formatter were infected with Windows-only malware.
An advanced malware campaign on the npm registry steals the very keys that control enterprise cloud infrastructure.
An ongoing attack is uploading hundreds of malicious packages to the open source node package manager (NPM) repository in an attempt to infect the devices of developers who rely on code libraries ...
Ten malicious packages mimicking legitimate software projects in the npm registry download an information-stealing component ...
The typosquatted packages auto-execute on installation, fingerprint victims by IP, and deploy a PyInstaller binary to harvest ...
The npm packages were available since July, have elaborately obfuscated malicious routines, and rely on a fake CAPTCHA to ...
Researchers outline how the PhantomRaven campaign exploits hole in npm to enable software supply chain attacks.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback