Amazon S3 on MSN
The massive NPM malware attack that targeted cryptocurrency
A recent supply chain malware attack affected popular NPM packages, potentially reaching millions of downloads in just a few ...
Cybersecurity researchers have discovered a set of seven npm packages published by a single threat actor that leverages a ...
Seven packages published on the Node Package Manager (npm) registry use the Adspect cloud-based service to separate ...
A self-replicating attack led to a tidal wave of malicious packages in the NPM registry, targeting tokens for the tea.xyz ...
The coordinated campaign has so far published as many as 46,484 packages, according to SourceCodeRED security researcher Paul ...
The typosquatted “@acitons/artifact” package targeted GitHub’s CI/CD workflows, stealing tokens and publishing malicious ...
Weeks after being declared eradicated, GlassWorm is again infesting open source extensions using the same invisible Unicode and blockchain C2 tricks.
The security research team at JFrog, a provider of a platform for building and deploying software, have discovered a critical vulnerability in a node ...
The Backend-for-Frontend pattern addresses security issues in Single-Page Applications by moving token management back to the ...
Security researchers at software supply chain company JFrog Ltd. today revealed details of a critical vulnerability in React, ...
The npm packages were available since July, have elaborately obfuscated malicious routines, and rely on a fake CAPTCHA to appear authentic.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback