The packages carry backdoors that first collect environment information and then delete entire application directories. | CSO Online
All malicious npm packages carried identical payloads for snooping sensitive network information from developers’ systems. | CSO Online
Scavenger is a stealthy, two-stage malware family first observed in July 2025 following a targeted supply chain attack on the NPM ecosystem. The infection began with a phishing campaign that leveraged a typo-squatted domain (npnjs.com) to impersonate the legitimate NPM login page. The adversaries abused NPM's web-based login flow—akin to device code phishing—to trick a package maintainer into generating an automation access token, which does not expire and can bypass 2FA under certain con... | malpedia.caad.fkie.fraunhofer.de
Heads up that v3.3.1 of npmjs.com/is has malware in it, due to another maintainer’s account being hijacked. They’re removed for now, v3.3.0 is set at latest, v3.3.1 is deprecated, and a v3.3.2 will be published once I’m not on my phone (thx @github.com codespaces) https://npmjs.com/is | Bluesky Social
DLL-based malware targets Windows users after a phishing campaign tricked the maintainer into leaking a token. | CSO Online