npm
GitHub Developers Targeted by North Korea’s Lazarus Group
The Lazarus Group is behind a social engineering campaign that uses repository invitations and malicious npm packages to target developers on GitHub ...
npm Manifest Confusion – What Is It and Do You Really Need to Worry About It?
Yesterday, Darcy Clarke, a software developer and a former npm CLI team Engineering Manager, steered everyone’s attention towards a gap in the npm registry website – what he calls “manifest confusion.” ...
This Week in Malware – Over 70 Packages Discovered
This week in malware, we discovered and analyzed six dozen packages flagged as malicious, suspicious, or dependency confusion attacks in npm and PyPI registries ...
This Week in Malware – Nearly 40 Packages Discovered
This week in malware, we discovered and analyzed nearly 40 packages flagged as malicious, suspicious, or dependency confusion attacks in npm and PyPI registries ...
This Week in Malware – Over 50 Packages Discovered
This week in malware, we discovered and analyzed nearly five dozen packages flagged as malicious, suspicious, or dependency confusion attacks in npm and PyPI registries ...
This Week in Malware – Over 100 Packages Discovered
This week in malware, we discovered and analyzed more than 100 packages flagged as malicious, suspicious, or dependency confusion attacks in npm and PyPI registries ...
