nodemon-sudo: an npm Backdoor With No Install Script
nodemon-sudo copies the real nodemon byte for byte, adds nothing malicious to its own code, and injects one extra dependency, tslint-conf, a repackaged pino logger carrying a backdoor. There is no…
Read the full articleYou might also wanna read
MAL-2026-7022: Malicious code in tslint-conf (npm)
The npm package 'tslint-conf' version 7.2.1 is a malicious package masquerading as the 'pino' logger. It exports middleware that, when invok
MAL-2026-10117: Malicious code in nodemon-slint (npm)
The nodemon-slint package on npm contains malicious code that fully compromises any computer on which it is installed or running. The compro
MAL-2026-10077: Malicious code in type-slint (npm)
--- _-= Per source details. Do not edit below this line.=-_ ## Source: amazon-inspector (1b5cd26e040f4f4366ed65cca4b70258d276f781e0aab76b99b

Hackers tried to backdoor Injective npm package to steal wallet keys
The incident is significant for developers and applications that handle Injective wallet workflows, Socket researchers said. Latest NewsRead
MAL-2026-10057: Malicious code in chunk-parser (npm)
--- _-= Per source details. Do not edit below this line.=-_ ## Source: amazon-inspector (8ffcc87316488b883c382ff45dd16c0bccb3cba432351f0716f

GPT-Proxy Backdoor in npm and PyPI turns Servers into Chinese LLM Relays
A newly discovered npm and PyPI malware campaign installs hidden LLM proxies on compromised servers, turning them into relay nodes for LLM t

Comments
Sign in to join the conversation.
No comments yet. Be the first.