Hackers have injected credential-stealing malware into newly published versions of node-ipc, a popular inter-process communication package, in a new supply chain attack targeting npm. The node-ipc ...
Hosted on MSN
Node-IPC supply chain attack targets crypto devs
Three poisoned versions of node-ipc went live on the npm registry on May 14, according to SlowMist. Attackers hijacked a dormant maintainer account and pushed code designed to siphon developer ...
Attackers performed an email takeover attack on a dormant maintainer account and published new node-ipc versions containing credential stealing malware. A popular npm package called node-ipc has been ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results