TechRadar

More popular npm packages hijacked to spread malware

A npm package maintainer has fallen victim to a phishing attack The attackers accessed packages and updated them to carry malware Most antivirus programs are still not properly flagging the malicious ...
Infosecurity-magazine.com

Popular npm Package Compromised in Phishing Attack

A significant security incident involving the widely used npm package “eslint-config-prettier” has been uncovered. The package, downloaded more than 3.5 billion times, was compromised on July 18 after ...