Cybersecurity researchers have disclosed what they say is an active “Shai-Hulud-like” supply chain worm…
Tag:
npm
-
-
Cybersecurity researchers have discovered a fresh set of malicious packages across npm and the…
-
Cybersecurity researchers have discovered a new supply chain attack in which legitimate packages on…
-
Ravie LakshmananFeb 03, 2026Open Source / Vulnerability Threat actors have been observed exploiting a…
-
Mobile SecuritySecurity
Unplugged holes in the npm and yarn package managers could let attackers bypass defenses against Shai-Hulud
Not the complete picture He says the scripts bypass vulnerability was reported through the…
-
Data BreachSecurity
From typos to takeovers: Inside the industrialization of npm supply chain attacks
That scale, however, is only part of the risk. The exposure is amplified by…
-
Physical SecuritySecurity
Malicious npm packages target the n8n automation platform in a supply chain attack
“According to security researchers at data security company Cyera, there were more than 100,000…
-
Jan 08, 2026Ravie LakshmananMalware / Cloud Security Cybersecurity researchers have discovered three malicious npm…
-
Dec 31, 2026Ravie LakshmananCybersecurity / Malware Cybersecurity researchers have disclosed details of what appears…
-
Just weeks after the devastating “Second Coming” campaign crippled thousands of development environments, the…