All Topics
All Topics
Technology
Technology
AI
AI
Business
Business
Entertainment
Entertainment
News
News
Programming
Programming
Science
Science
Design
Design
Environment
Environment
Finance
Finance
Crypto
Crypto
Politics
Politics
Sports
Sports
Education
Education
Gaming
Gaming
Art
Art
Music
Music
Health
Health
Security
Security
Books
Books
Food
Food
Travel
Travel
Personal
Personal
Bluesky
Twitter
First reported by Snyk
Maintainers of ESLint Prettier Plugin Attacked via npm Supply Chain Malware

eslint-config-prettier Compromised: How npm Package with 30 Million Downloads Spread Malware

A supply chain attack exploiting eslint-config-prettier and other popular npm packages were discovered with major supply chain impact. In this blog, we will explore the details of the hack and the…

Read the full article
11mo ago

You might also wanna read

Maintainers of ESLint Prettier Plugin Attacked via npm Supply Chain Malware

Urgent warning: Maintainers of popular npm packages like ESLint Prettier Plugin were attacked via an npm supply chain malware incident. Lear

Snyk·11mo ago

NPM supply chain attack compromises popular packages, posing widespread security risk

That NPM attack could have been so much worse.

xeiaso.net·10mo ago

September 2025 NPM supply-chain attack compromises popular JavaScript packages

In September 2025, the JavaScript ecosystem faced one of its most disruptive security events to date: a coordinated software supply-chain at

projectptixiakis.github.io·1mo ago

Major NPM Supply Chain Attack: Over 1,000 Packages Infected via Fake Bun Runtime

Over 1,000 NPM packages were infected using the same method as the previous attack, infecting with a fake Bun runtime. The attacker leverage

helixguard.ai·7mo ago

Major NPM Supply Chain Attack: @ctrl/tinycolor and 40+ Packages Compromised with Self-Propagating Malware

The popular @ctrl/tinycolor package with over 2 million weekly downloads has been compromised alongside 40+ other NPM packages in a sophisti

Step Security·9mo ago

Major NPM Supply Chain Attack: @ctrl/tinycolor and 40+ Packages Compromised with Self-Propagating Malware

The popular @ctrl/tinycolor package with over 2 million weekly downloads has been compromised alongside 40+ other NPM packages in a sophisti

stepsecurity.io·9mo ago

Supply Chain Attack Compromises @ctrl/tinycolor npm Package, Affects 40+ Packages

Malicious update to @ctrl/tinycolor on npm is part of a supply-chain attack hitting 40+ packages across maintainers

socket.dev·9mo ago

Comments

Sign in to join the conversation.

No comments yet. Be the first.