Malicious code found in npm package event-stream downloaded 8 million times in the past 2.5 months
7y agoen
Source
SnykMalicious code found in npm package event-stream downloaded 8 million times in the past 2.5 monthssnyk.ioAn overview of how the malicious flatmap-stream npm package operates, and remediation steps to follow if you've been affected.
You might also wanna read
NPM Vulnerability Allows 126 Malicious Packages to Be Downloaded 86,000+ Times
Security researchers have discovered a major vulnerability in NPM (Node Package Manager) that allows attackers to distribute malicious packa
arstechnica.com·8mo agoPopular npm packages debug and chalk compromised with crypto-intercepting malware
Starting September 8th, 2023, the popular npm packages "debug" and "chalk" were compromised with malicious code. These packages, which colle
aikido.dev·10mo agoAxios attack: How a compromised npm package delivered RAT malware
ThreatLocker·12d ago
Major NPM Supply Chain Attack: Over 1,000 Packages Infected via Fake Bun Runtime
A major cybersecurity incident occurred where over 1,000 NPM packages and 27,000+ GitHub repositories were infected within hours via a fake
Supply Chain Attack Compromises @ctrl/tinycolor npm Package, Affects 40+ Packages
A malicious update to the popular npm package @ctrl/tinycolor (2.2M weekly downloads) was detected as part of a broader supply chain attack
Major NPM Supply Chain Attack: @ctrl/tinycolor and 40+ Packages Compromised with Self-Propagating Malware
A sophisticated supply chain attack has compromised the popular @ctrl/tinycolor NPM package (with over 2 million weekly downloads) along wit

Comments
Sign in to join the conversation.
No comments yet. Be the first.