News
Billions (No, that's not a typo, Billions with a capital B) of files were potentially compromised. If you thought Node Package Manager (npm), the Billions of downloads were potentially compromised ...
On September 8, 2025, a single phishing email triggered one of npm’s most damaging supply chain attacks, compromising 18 ...
"debug" package attack failed; malicious update detected early, minimal impact. Developers urged to check their installations ...
Aikido Security Ltd. today disclosed what is being described as the largest npm supply chain compromise to date, after ...
Multiple npm packages have been compromised by a phishing attack in an attempt to spread crypto malware to billions of victims.
In a supply chain attack, attackers injected malware into NPM packages with over 2.6 billion weekly downloads after compromising a maintainer's account in a phishing attack.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback