JD Supra2d
Hundreds of malicious packages posted to npm targeting cryptocurrency developers
Cybersecurity researchers at Phylum reported on October 31 that a threat actor uploaded hundreds of malicious packages to npm, an open source repository used in JavaScript development. The malicious ...
Direct Marketing News13d
Hackers target npm developers with typosquat packages
The aim is to infect the systems of developers who rely on these registries for their code. To hide their malicious intent, ...
Ongoing typosquatting campaign impersonates hundreds of popular npm packages
Phylum noted that some unknown miscreant was using typosquat packages masquerading as Puppeteer, Bignum.js and various cryptocurrency libraries – 287 packages in total – to trick developers into ...