Hundreds of malware-laden fake npm packages posted online to try and trick developers
Software developers, especially those working with cryptocurrencies, are once again facing a supply chain attack via open source code repositories.
Ongoing typosquatting campaign impersonates hundreds of popular npm packages
Phylum noted that some unknown miscreant was using typosquat packages masquerading as Puppeteer, Bignum.js and various cryptocurrency libraries – 287 packages in total – to trick developers into ...
techzine23h
Hackers abuse NPM code registries via Ethereum network
Well-known open-source node package manager (NPM) registries are the target of massive attacks with malicious packages. These ...