MAL-2026-10079: Malicious code in vybscan-testbed-obfuscated-postinstall (npm)
The npm package vybscan-testbed-obfuscated-postinstall version 1.0.0 contains a postinstall lifecycle script that executes obfuscated code decoded from a base64 string. Although the current decoded…
Read the full articleYou might also wanna read
Typosquatted npm Package Delivers Windows RAT with Encrypted C2 and Registry Persistence
A newly discovered malware campaign is targeting Windows systems through a deceptive package on the npm registry. Disguised as a legitimate
cybersecuritynews.com·15d ago176 malicious npm packages used dependency confusion to target internal dependencies and steal credentials
A 176-package npm malware campaign used dependency confusion and install-time scripts to steal credentials and compromise developer and CI/C
Security Alert: Malicious Nx Packages Published to npm Containing Credential-Stealing Code
## Summary Malicious versions of the [`nx` package]( as well as some supporting plugin packages, were published to npm, containing code that
Microsoft detects 14 malicious npm packages impersonating OpenSearch and Elasticsearch libraries
And then Microsoft busted them all
Microsoft detects 14 malicious npm packages impersonating OpenSearch and Elasticsearch libraries
And then Microsoft busted them all
Post-mortem Analysis of @ctrl/tinycolor npm Supply Chain Attack via GitHub Actions
Lessons learned from becoming the unexpected face of a npm supply-chain attack.
AI-Generated npm Package Leaks Its Own GitHub Token, Exposing Malware Operator
Sloppy AI-generated npm infostealer leaked its own GitHub token, exposing the operator

Comments
Sign in to join the conversation.
No comments yet. Be the first.