The spam campaign is likely orchestrated by an Indonesian threat actor, based on code comments and the packages’ random names.
The post Tens of Thousands of Malicious NPM Packages Distribute Self-Replicating Worm appeared first on SecurityWeek.
Critical Flaw in Popular React Native NPM Package Exposes Developers to Attacks
Arbitrary command/code execution has been demonstrated through the exploitation of CVE-2025-11953 on Windows, macOS and Linux.
The post Critical Flaw in Popular React Native NPM Package Exposes Developers to Attacks appeared first on SecurityWeek.
136 NPM Packages Delivering Infostealers Downloaded 100,000 Times
The packages deployed malicious code harvesting system information, credentials, tokens, API keys, and other sensitive information.
The post 136 NPM Packages Delivering Infostealers Downloaded 100,000 Times appeared first on SecurityWeek.
NPM Infrastructure Abused in Phishing Campaign Aimed at Industrial and Electronics Firms
Threat actors used automation to create over 175 malicious NPM packages targeting more than 135 organizations.
The post NPM Infrastructure Abused in Phishing Campaign Aimed at Industrial and Electronics Firms appeared first on SecurityWeek.
GitHub Boosting Security in Response to NPM Supply Chain Attacks
GitHub will implement local publishing with mandatory 2FA, granular tokens that expire after seven days, and trusted publishing.
The post GitHub Boosting Security in Response to NPM Supply Chain Attacks appeared first on SecurityWeek.
Shai-Hulud Supply Chain Attack: Worm Used to Steal Secrets, 180+ NPM Packages Hit
The packages were injected with malicious code to harvest secrets, dump them to a public repository, and make private repositories public.
The post Shai-Hulud Supply Chain Attack: Worm Used to Steal Secrets, 180+ NPM Packages Hit appeared first on SecurityWeek.
Highly Popular NPM Packages Poisoned in New Supply Chain Attack
Designed to intercept cryptocurrency transactions, the malicious code reached 10% of cloud environments.
The post Highly Popular NPM Packages Poisoned in New Supply Chain Attack appeared first on SecurityWeek.
High-Value NPM Developers Compromised in New Phishing Campaign
Hackers have injected malware into popular NPM packages after compromising several developer accounts in a fresh phishing campaign.
The post High-Value NPM Developers Compromised in New Phishing Campaign appeared first on SecurityWeek.
React Native Aria Packages Backdoored in Supply Chain Attack
A threat actor published backdoored versions of 17 NPM packages from GlueStack in a fresh supply chain attack.
The post React Native Aria Packages Backdoored in Supply Chain Attack appeared first on SecurityWeek.
Malicious NPM Packages Disguised as Express Utilities Allow Attackers to Wipe Systems
Two malicious NPM packages contain code that would delete production systems when triggered with the right credentials.
The post Malicious NPM Packages Disguised as Express Utilities Allow Attackers to Wipe Systems appeared first on SecurityWeek.
