pull down to refresh

Npm Run Hack:Me - A Supply Chain Attack Journeyrxj.dev/posts/npm-run-hack-supply-chain-attack-journey/
161 sats \ 1 comment \ @k00b 12 Mar devs
related
NPM security: preventing supply chain attacks | Snyk (2022)snyk.io/blog/npm-security-preventing-supply-chain-attacks/
417 sats \ 20 comments \ @ek 9 Sep security
North Korean Hackers Targeting Developers with Malicious npm Packagesthehackernews.com/2024/02/north-korean-hackers-targeting.html
23 sats \ 0 comments \ @doofus 28 Feb 2024 security
Malicious npm Packages Found Using Image Files to Hide Backdoor Codethehackernews.com/2024/07/malicious-npm-packages-found-using.html?m=1
23 sats \ 0 comments \ @ch0k1 19 Jul 2024 news
Bogus npm Packages Used to Trick Software Developers into Installing Malwarethehackernews.com/2024/04/bogus-npm-packages-used-to-trick.html?m=1
42 sats \ 1 comment \ @ch0k1 28 Apr 2024 security
Malicious npm Packages Infect 3,200+ Cursor Users With Backdoorthehackernews.com/2025/05/malicious-npm-packages-infect-3200.html
24 sats \ 0 comments \ @ch0k1 11 May news
GitHub suffers a cascading supply chain attack compromising CI/CD secretswww.infoworld.com/article/3849245/github-suffers-a-cascading-supply-chain-attack-compromising-ci-cd-secrets.html
289 sats \ 2 comments \ @ch0k1 21 Mar security
GitHub Developers Hit in Complex Supply Chain Cyberattackwww.darkreading.com/application-security/github-developers-hit-in-complex-supply-chain-cyberattack
120 sats \ 0 comments \ @ch0k1 26 Mar 2024 devs
Hackers target Docker, Hadoop, Redis, Confluence with new Golang malwarewww.bleepingcomputer.com/news/security/hackers-target-docker-hadoop-redis-confluence-with-new-golang-malware/
120 sats \ 0 comments \ @ch0k1 6 Mar 2024 security
GitHub MCP Exploited: Accessing private repositories via MCPinvariantlabs.ai/blog/mcp-github-vulnerability
20 sats \ 0 comments \ @k00b 27 May tech
State-of-the-Art Redis Malware Bypasses Security Solutions to Hack Serversgbhackers.com/state-of-the-art-redis-malware/
22 sats \ 0 comments \ @ch0k1 4 Feb 2024 security
Self Propagating NPM Malware Compromises over 40 Packageswww.stepsecurity.io/blog/ctrl-tinycolor-and-40-npm-packages-compromised
100 sats \ 0 comments \ @hn 16 Sep tech
We Just Found Malicious Code in the Popular NPM Packagejdstaerk.substack.com/p/we-just-found-malicious-code-in-the
1397 sats \ 18 comments \ @kristapsk 8 Sep security
Tinycolor npm Package Compromised in (another) Supply Chain Attacksocket.dev/blog/tinycolor-supply-chain-attack-affects-40-packages
953 sats \ 3 comments \ @aljaz 16 Sep security
NPM hack was mentioned multiple times on SN before yesterday
130 sats \ 4 comments \ @nolem 9 Sep bitdevs
Self-Replicating Worm Hits 180+ Software Packageskrebsonsecurity.com/2025/09/self-replicating-worm-hits-180-software-packages/
50 sats \ 0 comments \ @ch0k1 16 Sep news
How to Verify the Impact of the Recent NPM Attack on My Wallets?
400 sats \ 29 comments \ @spiderman 11 Sep bitcoin
Backdoor Slipped Into Popular Code Library, Drains ~$155k From SOL Walletsarstechnica.com/information-technology/2024/12/backdoor-slips-into-popular-code-library-drains-155k-from-digital-wallets/
81 sats \ 0 comments \ @0xbitcoiner 5 Dec 2024 security
Who's spying on your Bitcoin node? w/ @0xB10C | Journey to Sovereigntyjourneytosovereignty.alitu.com/episode/6d4b78cb-de83-4819-934a-d077ad836762
533 sats \ 4 comments \ @foundationdvcs 29 Mar 2023 bitcoin
Leaked Environment Variables Allow Large-Scale Extortion Operation of Cloud Envsunit42.paloaltonetworks.com/large-scale-cloud-extortion-operation/
120 sats \ 0 comments \ @aljaz 19 Aug 2024 security
Are There Some Sample Transactions from the Recent NPM Exploits?
100 sats \ 1 comment \ @spiderman 11 Sep bitcoin
NPM debug and chalk packages compromisedwww.aikido.dev/blog/npm-debug-and-chalk-packages-compromised
233 sats \ 0 comments \ @hn 8 Sep tech