Tag: Npm
-
Npm Trojan Bypasses UAC, Installs AnyDesk with “Oscompatible” Package
A malicious package uploaded to the npm registry has been found deploying a sophisticated remote access trojan on compromised Windows …
-
Npm Security Woes Continue Amidst a Series of CDN Attacks
Seriously! It seems like every time I blink, the popular JavaScript package manager, Node Package Manager (npm), has had a new security …
-
Manifest Confusion Threat Undermines Trust in Entire Npm Registry
Developers using the wildly popular npm registry to download JavaScript code may unwittingly be exposed to a range of cyber-threats because …
-
Npm to Adopt Sigstore for Software Supply Chain Security
Let’s be honest. npm, the JavaScript package manager and default package manager for the JavaScript runtime environment Node.js, needs …
-
Malware-laced npm packages used to target Discord users
Threat actors used multiple npm packages to target Discord users with malware designed to steal their payment card data. A malicious …
-
Malicious Npm Packages Tapped Again to Target Discord Users
Threat actors once again are using the node package manager (npm) repository to hide malware that can steal Discord tokens to monitor user …
-
Malicious Npm Packages Designed to Steal Discord Tokens
Security researchers have discovered yet another supply chain attack campaign using malicious npm packages, this time targeting Discord …
-
Npm package caught stealing sensitive Discord and browser files
Security researchers at Sonatype have discovered today an npm package (JavaScript library) that contains malicious code designed to steal …
-
Deep Dive Into NPM Security
The Node Package Manager, abbreviated as NPM, is the premier registry for software packages in the Node.js ecosystem and has become one of …
-
Malicious npm package taken down after Microsoft warning
Criminals have been caught trying to sneak a malicious package on to the popular Node.js platform npm (Node Package Manager). The problem …
-
Npm team warns of new ‘binary planting’ bug
The team behind npm, the biggest package manager for JavaScript libraries, has issued a security alert yesterday, advising all users to …
-
The License and Security Risks of Using Node.js
Open source software could make your application open for exploitation Open source software now dominates application development. Open …
●●●