node-ipc npm Package with 822K Weekly Downloads Compromised in Supply Chain Attack

Guru Baran

7 hours ago

7 Visningar

0 Kommentarer

node-ipc npm Package with 822K Weekly Downloads Compromised in Supply Chain Attack

A widely used JavaScript inter-process communication library has been weaponized again. Socket and Stepsecurity have confirmed that three newly published versions of node-ipc, a package with over 822,000 weekly downloads, contain obfuscated stealer and backdoor payloads, marking the second major supply chain compromise of this package since...

Läs hela artikeln hos källan.

Läs originalartikeln

Var detta hjälpsamt?

Dela:

Kommentarer (0)

Vänligen logga in för att publicera en kommentar

Inga kommentarer ännu. Bli först med att kommentera!

Relaterade nyheter

Digital security in war and conflict: challenges for civil society and tools for resilience

just now

New Malware Framework Enables Screen Control, Browser Artifact Access, and UAC Bypass

6 hours ago

Bläddra efter kategori

blog crypto news politics privacy sysadmin technology

Länk kopierad till urklipp

node-ipc npm Package with 822K Weekly Downloads Compromised in Supply Chain Attack

Kommentarer (0)

Relaterade nyheter

Digital security in war and conflict: challenges for civil society and tools for resilience

Sandworm Hackers Pivot From Compromised IT Systems Toward Critical OT Assets

Chinese APT Hackers Exploit Microsoft Exchange to Breach Energy Sector Network

Linux devs are fighting the new age-gated internet

New Malware Framework Enables Screen Control, Browser Artifact Access, and UAC Bypass

Bläddra efter kategori