Skip to content
Linkedin-in Envelope Map-marker-alt
×
  • Italiano
  • Inglese
SecurityIT | Consulenza Sulla Sicurezza Informatica
 
  • La società
    • Chi siamo
    • Il team
    • La cultura dei valori
    • Mission
    • Azienda Certificata Iso
  • Formazione
    • Elenco corsi
  • Cyber security
    • Penetration test
    • Consulenza ISO/IEC 27001
    • Privacy
    • Vulnerability assessment
    • PCIDSS
    • Business continuity management e disaster recovery
    • Code security review
    • Mobile protection
    • Servizi di cyber threat intelligence
    • Analisi forense e investigazione
    • Social media Security
  • SOC
  • INTEGRAZIONI SISTEMI
    • Soluzioni
  • News
  • Contatti
×
  • La società
    • Chi siamo
    • Il team
    • La cultura dei valori
    • Mission
    • Azienda Certificata Iso
  • Formazione
    • Elenco corsi
  • Cyber security
    • Penetration test
    • Consulenza ISO/IEC 27001
    • Privacy
    • Vulnerability assessment
    • PCIDSS
    • Business continuity management e disaster recovery
    • Code security review
    • Mobile protection
    • Servizi di cyber threat intelligence
    • Analisi forense e investigazione
    • Social media Security
  • SOC
  • INTEGRAZIONI SISTEMI
    • Soluzioni
  • News
  • Contatti
SecurityIT | Consulenza Sulla Sicurezza Informatica
 
  • La società
    • Chi siamo
    • Il team
    • La cultura dei valori
    • Mission
    • Azienda Certificata Iso
  • Formazione
    • Elenco corsi
  • Cyber security
    • Penetration test
    • Consulenza ISO/IEC 27001
    • Privacy
    • Vulnerability assessment
    • PCIDSS
    • Business continuity management e disaster recovery
    • Code security review
    • Mobile protection
    • Servizi di cyber threat intelligence
    • Analisi forense e investigazione
    • Social media Security
  • SOC
  • INTEGRAZIONI SISTEMI
    • Soluzioni
  • News
  • Contatti
×
  • La società
    • Chi siamo
    • Il team
    • La cultura dei valori
    • Mission
    • Azienda Certificata Iso
  • Formazione
    • Elenco corsi
  • Cyber security
    • Penetration test
    • Consulenza ISO/IEC 27001
    • Privacy
    • Vulnerability assessment
    • PCIDSS
    • Business continuity management e disaster recovery
    • Code security review
    • Mobile protection
    • Servizi di cyber threat intelligence
    • Analisi forense e investigazione
    • Social media Security
  • SOC
  • INTEGRAZIONI SISTEMI
    • Soluzioni
  • News
  • Contatti

Categoria: NPM

  1. Home
  2. NPM

640 NPM Packages Infected in New ‘Shai-Hulud’ Supply Chain Attack

The new self-replicating worm iteration has destructive capabilities, erasing home directory contents if it cannot spread to more repositories.

The post 640 NPM Packages Infected in New ‘Shai-Hulud’ Supply Chain Attack appeared first on SecurityWeek.

Amazon Detects 150,000 NPM Packages in Worm-Powered Campaign 

A financially motivated threat actor automated the package publishing process in a coordinated tea.xyz token farming campaign.

The post Amazon Detects 150,000 NPM Packages in Worm-Powered Campaign  appeared first on SecurityWeek.

Tens of Thousands of Malicious NPM Packages Distribute Self-Replicating Worm

The spam campaign is likely orchestrated by an Indonesian threat actor, based on code comments and the packages’ random names.

The post Tens of Thousands of Malicious NPM Packages Distribute Self-Replicating Worm appeared first on SecurityWeek.

Critical Flaw in Popular React Native NPM Package Exposes Developers to Attacks

Arbitrary command/code execution has been demonstrated through the exploitation of CVE-2025-11953 on Windows, macOS and Linux. 

The post Critical Flaw in Popular React Native NPM Package Exposes Developers to Attacks appeared first on SecurityWeek.

136 NPM Packages Delivering Infostealers Downloaded 100,000 Times

The packages deployed malicious code harvesting system information, credentials, tokens, API keys, and other sensitive information.

The post 136 NPM Packages Delivering Infostealers Downloaded 100,000 Times appeared first on SecurityWeek.

NPM Infrastructure Abused in Phishing Campaign Aimed at Industrial and Electronics Firms

Threat actors used automation to create over 175 malicious NPM packages targeting more than 135 organizations.

The post NPM Infrastructure Abused in Phishing Campaign Aimed at Industrial and Electronics Firms appeared first on SecurityWeek.

GitHub Boosting Security in Response to NPM Supply Chain Attacks 

github-boosting-security-in-response-to-npm-supply-chain-attacks 

GitHub will implement local publishing with mandatory 2FA, granular tokens that expire after seven days, and trusted publishing.

The post GitHub Boosting Security in Response to NPM Supply Chain Attacks  appeared first on SecurityWeek.

Shai-Hulud Supply Chain Attack: Worm Used to Steal Secrets, 180+ NPM Packages Hit

shai-hulud-supply-chain-attack:-worm-used-to-steal-secrets,-180+-npm-packages-hit

The packages were injected with malicious code to harvest secrets, dump them to a public repository, and make private repositories public.

The post Shai-Hulud Supply Chain Attack: Worm Used to Steal Secrets, 180+ NPM Packages Hit appeared first on SecurityWeek.

Highly Popular NPM Packages Poisoned in New Supply Chain Attack

Designed to intercept cryptocurrency transactions, the malicious code reached 10% of cloud environments.

The post Highly Popular NPM Packages Poisoned in New Supply Chain Attack appeared first on SecurityWeek.

High-Value NPM Developers Compromised in New Phishing Campaign

Hackers have injected malware into popular NPM packages after compromising several developer accounts in a fresh phishing campaign.

The post High-Value NPM Developers Compromised in New Phishing Campaign appeared first on SecurityWeek.

  • 1
  • 2
  • Next
SecurityIT | Consulenza Sulla Sicurezza Informatica
Linkedin-in Envelope Map-marker-alt

Il gruppo

  • La società
  • Azienda Certificata Iso
  • Chi siamo
  • Il team
  • La cultura dei valori
  • Mission
×
  • La società
  • Azienda Certificata Iso
  • Chi siamo
  • Il team
  • La cultura dei valori
  • Mission

Servizi

  • Servizi di consulenza informatica
  • Social media Security
  • Analisi forense e investigazione
  • Servizi di cyber threat intelligence
  • Mobile protection
  • Code security review
  • Business continuity management e disaster recovery
  • Payment card industry data security standard
  • Consulenza vulnerability assessment
  • Consulenza informatica in ambito privacy
  • Consulenza ISO/IEC 27001
  • Penetration test
×
  • Servizi di consulenza informatica
  • Social media Security
  • Analisi forense e investigazione
  • Servizi di cyber threat intelligence
  • Mobile protection
  • Code security review
  • Business continuity management e disaster recovery
  • Payment card industry data security standard
  • Consulenza vulnerability assessment
  • Consulenza informatica in ambito privacy
  • Consulenza ISO/IEC 27001
  • Penetration test
© show.it | Tutti i diritti riservati | P.Iva 06984320017 | Privacy Policy | Cookie Policy | Realizzato da incio.it