All Topics
All Topics
Technology
Technology
AI
AI
Business
Business
Entertainment
Entertainment
News
News
Programming
Programming
Science
Science
Design
Design
Environment
Environment
Finance
Finance
Crypto
Crypto
Politics
Politics
Sports
Sports
Education
Education
Gaming
Gaming
Art
Art
Music
Music
Health
Health
Security
Security
Books
Books
Food
Food
Travel
Travel
Personal
Personal
Bluesky
Twitter

Malicious node-ipc versions published to npm in suspected maintainer account compromise

1mo agoen

Source

SnykMalicious node-ipc versions published to npm in suspected maintainer account compromisesnyk.io
Snippet from the RSS feed
On May 14, 2026, multiple malicious versions of the popular npm package node-ipc were published to the npm registry. Current public reporting identifies node...

You might also wanna read

Popular npm packages debug and chalk compromised with crypto-intercepting malware

Starting September 8th, 2023, the popular npm packages "debug" and "chalk" were compromised with malicious code. These packages, which colle

aikido.dev·10mo ago

NPM Vulnerability Allows 126 Malicious Packages to Be Downloaded 86,000+ Times

Security researchers have discovered a major vulnerability in NPM (Node Package Manager) that allows attackers to distribute malicious packa

arstechnica.com·8mo ago

Attacker publishes 14 malicious npm packages impersonating OpenSearch and Elasticsearch libraries

A single npm user published 14 malicious packages over four hours, impersonating popular OpenSearch, Elasticsearch, DevOps, and environment-

briefly.co·1mo ago

Microsoft detects 14 malicious npm packages impersonating OpenSearch and Elasticsearch libraries

A threat actor using the alias vpmdhaj published 14 malicious npm packages within four hours, impersonating legitimate OpenSearch, Elasticse

theregister.com·1mo ago

Microsoft detects 14 malicious npm packages impersonating OpenSearch and Elasticsearch libraries

A threat actor using the alias vpmdhaj published 14 malicious npm packages within four hours, impersonating legitimate OpenSearch, Elasticse

theregister.com·1mo ago

Security Alert: Malicious Nx Packages Published to npm Containing Credential-Stealing Code

Malicious versions of the Nx package and several supporting plugins were published to npm, containing code that scans file systems, collects

github.com·10mo ago

DuckDB npm packages 1.3.3 and 1.29.2 compromised with cryptocurrency-targeting malware

The DuckDB npm packages (duckdb, @duckdb/node-api, @duckdb/node-bindings, and duckdb-async) were compromised with malware in versions 1.3.3

github.com·10mo ago

Comments

Sign in to join the conversation.

No comments yet. Be the first.