News

Supply chain attack hits npm package with 45,000 weekly downloads
An npm package named 'rand-user-agent' has been compromised in a supply chain attack to inject obfuscated code that activates ...
The Hacker News1d
Malicious npm Packages Infect 3,200+ Cursor Users With Backdoor, Steal Credentials
Malicious npm packages targeting Cursor macOS users stole credentials and disabled updates, impacting 3,200+ downloads.
CoinDesk17d
XRP Ledger Bug Patched After 'Serious' Flaw Spotted in XRPL Library
The issue only affects versions of Node Package Manager (NPM), a site where developers share reusable code for projects.
Hosted on MSN1mon
Malicious npm packages use devious backdoors to target users
Security researchers from Reversing Labs find two malicious packages on npm These serve as downloaders ... using dubious backdoors to target their users. Cybersecurity researchers from Reversing ...