A hacker has gained access to a developer's npm account and injected malicious code into a popular JavaScript library, code that was designed to steal the npm credentials of users who utilize the ...
The Register on MSN
GitHub moves to tighten npm security amid phishing, malware plague
Hundreds of compromised packages pulled as registry shifts to 2FA and trusted publishing GitHub, which owns the npm registry ...
Newly discovered npm package 'fezbox' employs QR codes to hide a second-stage payload to steal cookies from a user's web ...
A malicious npm package named Fezbox has been found using an unusual technique to conceal harmful code. The package employs a ...
Criminals used a typo-squatting technique and uploaded rogue JavaScript libraries to a popular code repository npm. Hackers seeking developer credentials used typo-squatting to spread malicious code ...
GitHub enforces FIDO 2FA and seven-day token limits after Shai-Hulud npm attack to boost supply chain security.
A new cyberattack has put millions of crypto users on alert after hackers slipped malicious code into NPM, the software registry that powers thousands of apps and websites, including many tied to ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback