New npm threats can erase production systems with a single request | CSO Online
The packages carry backdoors that first collect environment information and then delete entire application directories.| CSO Online
The packages carry backdoors that first collect environment information and then delete entire application directories.| CSO Online
All malicious npm packages carried identical payloads for snooping sensitive network information from developers’ systems.| CSO Online
Scavenger is a stealthy, two-stage malware family first observed in July 2025 following a targeted supply chain attack on the NPM ecosystem. The infection began with a phishing campaign that leveraged a typo-squatted domain (npnjs.com) to impersonate the legitimate NPM login page. The adversaries abused NPM's web-based login flow—akin to device code phishing—to trick a package maintainer into generating an automation access token, which does not expire and can bypass 2FA under certain con...| malpedia.caad.fkie.fraunhofer.de
DLL-based malware targets Windows users after a phishing campaign tricked the maintainer into leaking a token.| CSO Online
