sign up
sign up
sign up
sign up
pull down to refresh
We Just Found Malicious Code in the Popular NPM Package
jdstaerk.substack.com/p/we-just-found-malicious-code-in-the
1497 sats
\
18 comments
\
@kristapsk
8 Sep 2025
security
related
Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign
thehackernews.com/2026/04/bitwarden-cli-compromised-in-ongoing.html
1134 sats
\
5 comments
\
@Scoresby
23 Apr
tech
devs
Compromised npm package silently installs OpenClaw on developer machines
www.csoonline.com/article/4135449/compromised-npm-package-silently-installs-openclaw-on-developer-machines.html
422 sats
\
4 comments
\
@winteryeti
24 Feb
AI
'Sha1-Hulud' npm malware is back
377 sats
\
0 comments
\
@anon
28 Nov 2025
lightning
Multiple redhat-cloud-services npm Packages compromised - StepSecurity
www.stepsecurity.io/blog/multiple-redhat-cloud-services-npm-packages-compromised
776 sats
\
1 comment
\
@winteryeti
2 Jun
tech
Tinycolor npm Package Compromised in (another) Supply Chain Attack
socket.dev/blog/tinycolor-supply-chain-attack-affects-40-packages
1053 sats
\
3 comments
\
@aljaz
16 Sep 2025
security
400+ AUR Packages Compromised with Infostealer and Rootkit
discourse.ifin.network/t/400-aur-packages-compromised-with-infostealer-and-rootkit/577
288 sats
\
5 comments
\
@k00b
12 Jun
security
tech
NPM debug and chalk packages compromised
www.aikido.dev/blog/npm-debug-and-chalk-packages-compromised
263 sats
\
0 comments
\
@hn
8 Sep 2025
tech
TanStack NPM Packages Compromised
github.com/TanStack/router/issues/7383
1054 sats
\
7 comments
\
@hn
11 May
tech
🚨 CRITICAL: supply chain attack on axios
1626 sats
\
8 comments
\
@justin_shocknet
31 Mar
devs
Over 100,000 Infected Repos Found on GitHub
1697 sats
\
6 comments
\
@0xbitcoiner
29 Feb 2024
security
NPM security: preventing supply chain attacks | Snyk (2022)
snyk.io/blog/npm-security-preventing-supply-chain-attacks/
517 sats
\
20 comments
\
@ek
9 Sep 2025
security
PhantomRaven: NPM Malware Hidden in Invisible Dependencies
www.koi.ai/blog/phantomraven-npm-malware-hidden-in-invisible-dependencies
389 sats
\
2 comments
\
@kepford
30 Oct 2025
security
Malicious Python Packages Replace Crypto Addresses in Developer Clipboards
blog.phylum.io/pypi-malware-replaces-crypto-addresses-in-developers-clipboard
334 sats
\
3 comments
\
@rijndael
7 Nov 2022
bitcoin
ECONNREFUSED for `npm install -g pnpm`. help?
259 sats
\
5 comments
\
@deSign_r
24 Oct 2024
devs
Which npm package has the largest version number?
adamhl.dev/blog/largest-number-in-npm-package/
200 sats
\
3 comments
\
@carter
15 Sep 2025
devs
firefox-patch-bin, librewolf-fix-bin and other AUR packages contain malware
lists.archlinux.org/archives/list/aur-general@lists.archlinux.org/thread/7EZTJXLIAQLARQNTMEW2HBWZYE626IFJ/
408 sats
\
2 comments
\
@k00b
24 Jul 2025
security
Experts found 3 malicious packages hiding crypto miners in PyPi repository
securityaffairs.com/156897/malware/malicious-packages-pypi-repository.html
813 sats
\
2 comments
\
@Gian
5 Jan 2024
security
Malicious VSCode extensions with millions of installs discovered
www.bleepingcomputer.com/news/security/malicious-visual-studio-code-extensions-with-millions-of-installs-discovered/
380 sats
\
0 comments
\
@Rsync25
9 Jun 2024
security
Npm Run Hack:Me - A Supply Chain Attack Journey
rxj.dev/posts/npm-run-hack-supply-chain-attack-journey/
661 sats
\
1 comment
\
@k00b
12 Mar 2025
devs
We have identified and removed a malicious version of the Ledger Connect Kit
twitter.com/Ledger/status/1735291427100455293
1916 sats
\
16 comments
\
@0xbitcoiner
14 Dec 2023
bitcoin
Hacking campaign compromised at least 16 Chrome browser extensions
securityaffairs.com/172491/hacking/chrome-browser-extensions-compromise.html
266 sats
\
0 comments
\
@nym
1 Jan 2025
security
more