@anon
sign up
@anon
sign up
pull down to refresh
Tinycolor npm Package Compromised in (another) Supply Chain Attack
socket.dev/blog/tinycolor-supply-chain-attack-affects-40-packages
953 sats
\
3 comments
\
@aljaz
16 Sep
security
related
NPM hack was mentioned multiple times on SN before yesterday
130 sats
\
4 comments
\
@nolem
9 Sep
bitdevs
North Korean Hackers Targeting Developers with Malicious npm Packages
thehackernews.com/2024/02/north-korean-hackers-targeting.html
23 sats
\
0 comments
\
@doofus
28 Feb 2024
security
How to Verify the Impact of the Recent NPM Attack on My Wallets?
400 sats
\
29 comments
\
@spiderman
11 Sep
bitcoin
Are There Some Sample Transactions from the Recent NPM Exploits?
100 sats
\
1 comment
\
@spiderman
11 Sep
bitcoin
Malicious PyPi package steals Discord auth tokens from devs
www.bleepingcomputer.com/news/security/malicious-pypi-package-steals-discord-auth-tokens-from-devs/
59 sats
\
0 comments
\
@ch0k1
18 Jan
security
GitHub MCP Server Vulnerability Let Attackers Access Private Repositories
cybersecuritynews.com/github-mcp-server-vulnerability/amp/
11 sats
\
0 comments
\
@ch0k1
31 May
security
Npm Run Hack:Me - A Supply Chain Attack Journey
rxj.dev/posts/npm-run-hack-supply-chain-attack-journey/
161 sats
\
1 comment
\
@k00b
12 Mar
devs
We Just Found Malicious Code in the Popular NPM Package
jdstaerk.substack.com/p/we-just-found-malicious-code-in-the
1397 sats
\
18 comments
\
@kristapsk
8 Sep
security
Self Propagating NPM Malware Compromises over 40 Packages
www.stepsecurity.io/blog/ctrl-tinycolor-and-40-npm-packages-compromised
100 sats
\
0 comments
\
@hn
16 Sep
tech
NPM debug and chalk packages compromised
www.aikido.dev/blog/npm-debug-and-chalk-packages-compromised
233 sats
\
0 comments
\
@hn
8 Sep
tech
Malicious npm Packages Found Using Image Files to Hide Backdoor Code
thehackernews.com/2024/07/malicious-npm-packages-found-using.html?m=1
23 sats
\
0 comments
\
@ch0k1
19 Jul 2024
news
NPM security: preventing supply chain attacks | Snyk (2022)
snyk.io/blog/npm-security-preventing-supply-chain-attacks/
417 sats
\
20 comments
\
@ek
9 Sep
security
Self-Replicating Worm Hits 180+ Software Packages
krebsonsecurity.com/2025/09/self-replicating-worm-hits-180-software-packages/
50 sats
\
0 comments
\
@ch0k1
16 Sep
news
Malicious npm Packages Infect 3,200+ Cursor Users With Backdoor
thehackernews.com/2025/05/malicious-npm-packages-infect-3200.html
24 sats
\
0 comments
\
@ch0k1
11 May
news
Bogus npm Packages Used to Trick Software Developers into Installing Malware
thehackernews.com/2024/04/bogus-npm-packages-used-to-trick.html?m=1
42 sats
\
1 comment
\
@ch0k1
28 Apr 2024
security
Plugins on WordPress.org backdoored in supply chain attack
www.bleepingcomputer.com/news/security/plugins-on-wordpressorg-backdoored-in-supply-chain-attack/
31 sats
\
1 comment
\
@Rsync25
25 Jun 2024
security
Official NPM package for XRP infected with crypto stealing backdoor
www.aikido.dev/blog/xrp-supplychain-attack-official-npm-package-infected-with-crypto-stealing-backdoor
12 sats
\
0 comments
\
@carter
22 Apr
security
GitHub suffers a cascading supply chain attack compromising CI/CD secrets
www.infoworld.com/article/3849245/github-suffers-a-cascading-supply-chain-attack-compromising-ci-cd-secrets.html
289 sats
\
2 comments
\
@ch0k1
21 Mar
security
Snyk security researcher deploys malicious NPM packages targeting Cursor.com
sourcecodered.com/snyk-malicious-npm-package/
34 sats
\
0 comments
\
@hn
14 Jan
tech
BNB Chain faces $80K Bitcoin exploit. White hat hacker or ongoing exploit?
cointelegraph.com/news/bnb-chain-80k-bitcoin-exploit-white-hat-hacker
21 sats
\
0 comments
\
@Cje95
28 May 2024
bitcoin
Public secrets exposure leads to supply chain attack on GitHub CodeQL
www.praetorian.com/blog/codeqleaked-public-secrets-exposure-leads-to-supply-chain-attack-on-github-codeql/
31 sats
\
0 comments
\
@hn
30 Mar
tech
more