Browsing: npm

Ravie LakshmananMay 20, 2026Supply Chain Attack / Cloud Security Grafana Labs, on May 19, 2026, said an investigation into its…

Ravie LakshmananMay 18, 2026Cybersecurity / Hacking Monday opens with a trust problem. A mail server flaw is under active use.…

Hackers have injected credential-stealing malware into newly published versions of node-ipc, a popular inter-process communication package, in a new supply…

Hundreds of packages across npm and PyPI have been compromised in a new Shai-Hulud supply-chain campaign delivering credential-stealing malware targeting developers.…

Cybersecurity researchers have discovered malicious code in an npm package after a malicious package as a dependency to the project…

Multiple official SAP npm packages were compromised in what is believed to be a TeamPCP supply-chain attack to steal credentials…

Ravie LakshmananApr 29, 2026Supply Chain Attack / Malware Cybersecurity researchers are sounding the alarm about a new supply chain attack…

The Bitwarden command-line interface (CLI) NPM package was compromised in a supply chain attack that appears tied to previous campaigns…

Updated with further information from Bitwarden. The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to…

Cybersecurity researchers have flagged a fresh set of packages that have been compromised by bad actors to deliver a self-propagating…