Hulud-like Sandworm_Mode supply chain attack targets NPM developers to steal secrets and poison AI assistants.

A malicious NPM package, ambar-src, mimicking a popular JavaScript framework, was downloaded nearly 50,000 times in a few ...

An npm package named 'rand-user-agent' has been compromised in a supply chain attack to inject obfuscated code that activates a remote access trojan (RAT) on the user's system. The 'rand-user-agent' ...

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...

Security experts have warned that a newly discovered supply chain attack targeting npm packages is still active and may already have impacted 10% of cloud environments. On Monday, a threat actor ...

At least 187 code packages made available through the JavaScript repository NPM have been infected with a self-replicating worm that steals credentials from developers and publishes those secrets on ...

Three popular npm packages, @rspack/core, @rspack/cli, and Vant, were compromised through stolen npm account tokens, allowing threat actors to publish malicious versions that installed cryptominers.

A newly identified North Korean threat actor has widened its distribution of malicious node package manager (npm) code to public registries. And it's differentiating itself from other state-sponsored ...

That it's an abbreviation is not really relevant here. It sort of stands for "node package manager" but that really doesn't tell you anything. It consists of a command line client, also called npm, ...

The npm registry now includes Socket security analysis links directly on package pages to help developers assess supply chain risks.