Researchers at Zscaler ThreatLabz have found three malicious Bitcoin npm packages that are meant to implant malware named ...

New malicious NPM packages have been discovered that install the njRAT remote access trojan that allows hackers to gain control over a computer. NPM is a JavaScript package manager that allows ...

Researchers uncovered 27 malicious npm packages used over five months to host phishing pages that steal credentials from ...

A new set of 16 malicious NPM packages are pretending to be internet speed testers but are, in reality, coinminers that hijack the compromised computer's resources to mine cryptocurrency for the ...

Since 2017, hackers have been able to mimic legitimate packages on Node Package Manager (npm) by simply removing the capital letters in their titles. According to newly published research from ...

A new strain of the Shai Hulud worm is discovered by researchers, signaling the self-propagating supply chain threat ...

The security team behind the "npm" repository for JavaScript libraries removed two npm packages this Monday for containing malicious code that installed a remote access trojan (RAT) on the computers ...

Security researchers have uncovered two new malicious packages on the npm open source package manager that utilized GitHub to store stolen Base64-encrypted SSH keys taken from developer systems. These ...

Four JavaScript npm packages contained malicious code that collected user details and uploaded the information to a public GitHub page. According to Sonatype security researcher Ax Sharma, the four ...