NPM

New Protestware Uses npm Packages to Call for Peace in Gaza and Ukraine

3 minute read

Security

New Protestware Uses npm Packages to Call for Peace in Gaza and Ukraine

Apart from displaying these messages, the packages performed no other actions. This indicates that these aren't malicious per se.

byWaqas

November 16, 2023

OpenSSF Launches Malicious Packages Repository

4 minute read

Security

OpenSSF Launches Malicious Packages Repository

The launch of the Malicious Packages repository comes at a time when cyberattacks, leveraging malicious open source packages, are on the rise.

byWaqas

October 17, 2023

3 minute read

NPM Typosquatting Attack Deploys r77 Rootkit via Legitimate Package

Another day, another NPM typosquatting attack.

byDeeba Ahmed

October 5, 2023

Fortinet Labs Uncovers Series of Malicious NPM Packages Stealing Data

4 minute read

Security

FortiGuard Labs Uncovers Series of Malicious NPM Packages Stealing Data

There are over 17 million developers worldwide who use NPM packages, making it a lucrative target for cybercriminals.

byWaqas

October 2, 2023

3 minute read

Luna Grabber Malware Hits Roblox Devs Through npm Packages

The campaign, which began at the start of August 2023, revolves around malicious packages impersonating the legitimate noblox.js,…

byHabiba Rashid

August 22, 2023

3 minute read

Global CDN Service ‘jsdelivr’ Exposed Users to Phishing Attacks

In the interconnected world of web development, open-source components play a vital role, facilitating collaboration and code sharing…

byHabiba Rashid

July 21, 2023

CISA warns of trojanized versions of JavaScript library's NPM package

2 minute read

News

CISA warns of trojanized versions of JavaScript library’s NPM package

The warning comes days after three rogue packages, okhsa, klow, and klown discovered by DevSecOps firm Sonatype, were removed from the NPM repository.

byDeeba Ahmed

October 23, 2021

The Latest

Stellar Cyber Bridges Cybersecurity Skills Gap with First-of-Its-Kind University Program

US Man Jailed 8 Years for SIM Swapping and Apple Support Impersonation

Particle Network’s Intent-Centric Approach Aims to Simplify and Secure Web3

Digital Transformation in the Financial Industry: The Role of Fintech

NPM

New Protestware Uses npm Packages to Call for Peace in Gaza and Ukraine

OpenSSF Launches Malicious Packages Repository

NPM Typosquatting Attack Deploys r77 Rootkit via Legitimate Package

FortiGuard Labs Uncovers Series of Malicious NPM Packages Stealing Data

Luna Grabber Malware Hits Roblox Devs Through npm Packages

Global CDN Service ‘jsdelivr’ Exposed Users to Phishing Attacks

CISA warns of trojanized versions of JavaScript library’s NPM package

Hunters Security: Google Workspace Vulnerable to Takeover Due to Domain-Wide Delegation Flaw

READYgg Onboards 15 Million Web2 Players into Web3 in Partnership with Aptos Labs

India Blockchain Week (IBW) Unveils Diverse Speaker Line-up

Horse Racing Game NEOBRED Integrates with Avalanche for Elite Gaming Experience

Boise State University’s Cyberdome Program Soars in First Year of Operation