News

Not pretty, not Windows-only: npm phishing attack laces popular packages with malware

The popular npm package "is" was infected with cross-platform malware, around the same time that linting utility packages ...

NPM package ‘is’ with 2.8M weekly downloads infected devs with malware

The popular NPM package 'is' has been compromised in a supply chain attack that injected backdoor malware, giving attackers ...
HealthcareInfoSecurity16d

North Korea Floods NPM Registry with Malware

North Korean threat actors escalated their software supply chain attacks by uploading 67 new malicious packages to the npm ...