Popular configuration packages for integrating Prettier with ESLint, the widely used code formatting tools within JavaScript and TypeScript projects, were hijacked after a maintainer fell victim to a ...
JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
The typosquatted packages auto-execute on installation, fingerprint victims by IP, and deploy a PyInstaller binary to harvest credentials from browsers, SSH keys, API tokens, and cloud configuration ...
Ten malicious packages mimicking legitimate software projects in the npm registry download an information-stealing component that collects sensitive data from Windows, Linux, and macOS systems. The ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results