On September 8, 2025 Anchore was made aware of an incident involving a number of popular NPM packages to insert malware. The technical details of the attack can be found in the Aikido blog post: npm debug and chalk packages compromised After an internal audit, Anchore determined no Anchore products, projects, or development environments ever […] The post NPM Supply Chain Breach Response for Anchore Enterprise and Grype Users appeared first on Anchore.
