Tag

Npm

All articles tagged with #npm

security · 3 months ago

Enhancing npm Supply Chain Security Amidst Growing Threats

CISA issued an alert about a widespread supply chain attack involving npm packages, where a self-replicating worm called 'Shai-Hulud' compromised over 500 packages, exfiltrated credentials, and spread malware. Organizations are advised to review dependencies, rotate credentials, enable MFA, monitor network activity, and harden GitHub security to mitigate the threat.

cybersecurity · 7 months ago

Malicious npm and VS Code Packages Exploiting Developers and Stealing Data

Researchers have uncovered over 70 malicious npm and VS Code packages used for data theft, cryptomining, and destructive payloads, with threat actors deploying sophisticated techniques including masquerading as legitimate tools, evading sandbox detection, and using multi-stage infection chains to compromise developers' systems and steal sensitive information.

cybersecurity · 1 year ago

Malicious Code Libraries Target JavaScript Developers via Blockchain

Researchers have discovered hundreds of malicious code libraries on npm that attempt to install malware on developers' machines. These packages use typosquatting to trick developers into downloading them, and they connect to IP addresses stored on the Ethereum blockchain to fetch additional malicious files and send system information back to the attackers. The campaign highlights the importance of verifying package names before installation to avoid such threats.