All Topics
All Topics
Technology
Technology
AI
AI
Business
Business
Entertainment
Entertainment
News
News
Programming
Programming
Science
Science
Design
Design
Environment
Environment
Finance
Finance
Crypto
Crypto
Politics
Politics
Sports
Sports
Education
Education
Gaming
Gaming
Art
Art
Music
Music
Health
Health
Security
Security
Books
Books
Food
Food
Travel
Travel
Personal
Personal
Bluesky
Twitter

Snyk uncovers malicious code activities in open source supply chain security on the npm registry

5y agoen

Source

SnykSnyk uncovers malicious code activities in open source supply chain security on the npm registrysnyk.io
Snippet from the RSS feed
In a recent npm security research activity, Snyk uncovered a total of 8 npm packages that matched a specific malicious code vector of attack.

You might also wanna read

Major NPM Supply Chain Attack: Over 1,000 Packages Infected via Fake Bun Runtime

A major cybersecurity incident occurred where over 1,000 NPM packages and 27,000+ GitHub repositories were infected within hours via a fake

helixguard.ai·7mo ago

Axios attack: How a compromised npm package delivered RAT malware

ThreatLocker·12d ago

Microsoft detects 14 malicious npm packages impersonating OpenSearch and Elasticsearch libraries

A threat actor using the alias vpmdhaj published 14 malicious npm packages within four hours, impersonating legitimate OpenSearch, Elasticse

theregister.com·1mo ago

Microsoft detects 14 malicious npm packages impersonating OpenSearch and Elasticsearch libraries

A threat actor using the alias vpmdhaj published 14 malicious npm packages within four hours, impersonating legitimate OpenSearch, Elasticse

theregister.com·1mo ago

Supply Chain Attacks on Open-Source Software: Case Study of Malicious Pull Request Attempts

The article discusses recent supply chain attacks on open-source software projects like LiteLLM and axios, with a specific case study of att

casco.com·3mo ago

Red Hat npm supply chain attack compromises 32 packages with credential-stealing malware

A supply chain attack targeted Red Hat's npm namespace (@redhat-cloud-services), with 96 compromised versions across 32 packages backdoored

briefly.co·1mo ago

September 2025 NPM supply-chain attack compromises popular JavaScript packages

In September 2025, a coordinated software supply-chain attack targeted multiple popular NPM packages in the JavaScript ecosystem. The attack

projectptixiakis.github.io·1mo ago

Comments

Sign in to join the conversation.

No comments yet. Be the first.