The Node Package Manager (npm) team avoided a disaster today when it discovered and blocked the distribution of a cleverly hidden backdoor mechanism inside a popular —albeit deprecated— JavaScript ...
Most JavaScript developers are familiar with the npm package manager, which was originally developed by Isaac Schlueter. What many probably don’t know is that npm is also a company co-founded by ...
A critical vulnerability in the popular expr-eval JavaScript library, with over 800,000 weekly downloads on NPM, can be ...
Ten typosquatted npm packages delivered infostealing malware to nearly 10,000 systemsMalware targeted system keyrings, bypassing app-level security to steal decrypted credentialsAffected users must ...
The NPM JavaScript registry has experienced a jump in malware, including packages related to data theft, crypto mining, botnets, and remote code execution, according to security company WhiteSource.
The security team behind the "npm" repository for JavaScript libraries removed two npm packages this Monday for containing malicious code that installed a remote access trojan (RAT) on the computers ...
Two code packages named "nodejs-encrypt-agent" in the popular npm JavaScript library and registry recently were discovered containing the open source information-stealing TurkoRat malware. Researchers ...
“After GlassWorm showed how quickly a malicious package could self-replicate across npm, and the chalk/debug hijacking ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback