Alert: peacenotwar module sabotages npm developers in the node-ipc package to protest the invasion of Ukraine
4y agoen
Source
SnykAlert: peacenotwar module sabotages npm developers in the node-ipc package to protest the invasion of Ukrainesnyk.ioVue.js users using the dependency “node-ipc” are experiencing a supply chain attack protesting the invasion of Ukraine, from a package named “peacenotwar”.
You might also wanna read
Satirical piece mocks npm ecosystem's recurring supply chain security vulnerabilities
A satirical article about a supply chain attack in the npm JavaScript package registry. The piece mocks the JavaScript developer community's

September 2025 NPM supply-chain attack compromises popular JavaScript packages
In September 2025, a coordinated software supply-chain attack targeted multiple popular NPM packages in the JavaScript ecosystem. The attack
projectptixiakis.github.io·1mo ago
Obsidian plugin was abused to deploy a remote access trojan
cyber.netsecops.io·1mo ago
Supply Chain Attack Wave Targets npm Packages and Go Ecosystem via Mini Shai-Hulud Malware Family
Socket Threat Research is tracking a new supply chain attack wave linked to the Mini Shai-Hulud, Miasma, and Hades malware family. The campa
hendryadrian.com·12d agoNorth Korean Hackers Target Open Source Developers in Supply Chain Attacks
BackBox.org·1d ago
npm to Implement Staged Publishing as Security Response to Supply Chain Attacks
npm is implementing staged publishing as a security response to supply chain attacks, particularly the Shai-Hulud campaign that exposed vuln

Comments
Sign in to join the conversation.
No comments yet. Be the first.