#npm-supply-chain

Information security
from IT Pro
3 days ago

Hackers are using these malicious npm packages to target developers on Windows, macOS, and Linux systems - here's how to stay safe

Typosquatted npm packages delivered a 24MB PyInstaller infostealer across Windows, macOS, and Linux using multi-layer obfuscation, fake CAPTCHA, and IP fingerprinting.
Information security
from SecurityWeek
1 month ago

Shai-Hulud Supply Chain Attack: Worm Used to Steal Secrets, 180+ NPM Packages Hit

A supply-chain attack named Shai-Hulud infected over 180 NPM packages with self-replicating malware that stole secrets and published them to public GitHub repositories.