Security researchers have identified at least 187 npm packages compromised in an ongoing supply chain attack. The coordinated ...
An apparent "Dune" aficionado is responsible for the first self-propagating attack on the npm JavaScript repository in what one security company has ...
A new piece of malware is spreading through the popular tinycolor NPM library and more than 300 other packages, some of which ...
The bundle.js script is designed to steal npm, GitHub, AWS and GCP tokens. But it also installs TruffleHog – an open source ...
Dozens of npm libraries, including a color library with over 2 million downloads a week, have been replaced with novel self-replicating credential-stealing code in yet another wave of a supply chain ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results