Bleeping Computer

New Linux, macOS malware hidden in fake Browserify NPM package

A new malicious package has been spotted this week on the npm registry, which targets NodeJS developers using Linux and Apple macOS operating systems. The malicious package is called "web-browserify," ...
Hosted on MSN

Not pretty, not Windows-only: npm phishing attack laces popular packages with malware

The popular npm package "is" was infected with cross-platform malware, around the same time that linting utility packages used with the prettier code formatter were infected with Windows-only malware.
Hosted on MSN

NPM packages from Nx targeted in latest worrying software supply chain attack

When a token with publishing rights was stolen, multiple poisoned Nx variants were released The malware stole secrets and other important data The attack lasted a few hours, but could be causing ...
TheStreet.com

How to stay safe if you’re using MetaMask, Phantom, Trust or any crypto wallet from NPM attack

A new cyberattack has put millions of crypto users on alert after hackers slipped malicious code into NPM, the software registry that powers thousands of apps and websites, including many tied to ...
CoinTelegraph

Largest NPM attack in crypto history stole less than $50: SEAL

Hackers broke into the node package manager (NPM) account of a well-known software developer and added malware to popular JavaScript libraries, targeting crypto wallets. ”Picture this: you compromise ...