Maintainers of ESLint Prettier Plugin Attacked via npm Supply Chain Malware
Source
SnykMaintainers of ESLint Prettier Plugin Attacked via npm Supply Chain Malwaresnyk.ioYou might also wanna read
Major NPM Supply Chain Attack: @ctrl/tinycolor and 40+ Packages Compromised with Self-Propagating Malware
A sophisticated supply chain attack has compromised the popular @ctrl/tinycolor NPM package (with over 2 million weekly downloads) along wit

September 2025 NPM supply-chain attack compromises popular JavaScript packages
In September 2025, a coordinated software supply-chain attack targeted multiple popular NPM packages in the JavaScript ecosystem. The attack
NPM supply chain attack compromises popular packages, posing widespread security risk
A significant supply chain attack on the NPM package ecosystem compromised several popular packages, potentially allowing malicious code to
Supply Chain Attack Compromises @ctrl/tinycolor npm Package, Affects 40+ Packages
A malicious update to the popular npm package @ctrl/tinycolor (2.2M weekly downloads) was detected as part of a broader supply chain attack
Major NPM Supply Chain Attack: Over 1,000 Packages Infected via Fake Bun Runtime
A major cybersecurity incident occurred where over 1,000 NPM packages and 27,000+ GitHub repositories were infected within hours via a fake
Security Alert: Malicious Nx Packages Published to npm Containing Credential-Stealing Code
Malicious versions of the Nx package and several supporting plugins were published to npm, containing code that scans file systems, collects

Comments
Sign in to join the conversation.
No comments yet. Be the first.