#maliciouspackages — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #maliciouspackages, aggregated by home.social.
-
Mini Shai-Hulud Campaign Targets npm Ecosystem with Malicious AntV Packages
A large-scale attack has infected hundreds of popular npm packages, including widely-used data visualization and React components, with malicious updates, putting a vast number of projects and applications at risk. The attackers published 639 malicious versions across 323 unique packages in a fast-moving supply chain operation.
-
#PhantomRaven is back 👻🐦⬛ We found 3 new waves distributing 88 #maliciouspackages (81 still live on npm). Packages look clean, but a hidden URL in package.json pulls credential-stealing malware.
https://www.endorlabs.com/learn/return-of-phantomraven -
Shai-Hulud Returns: Over 300 NPM Packages Infected
https://helixguard.ai/blog/malicious-sha1hulud-2025-11-24
#HackerNews #ShaiHuludReturns #NPMInfection #Cybersecurity #SoftwareSupplyChain #MaliciousPackages
-
Shai-Hulud Returns: Over 300 NPM Packages Infected
https://helixguard.ai/blog/malicious-sha1hulud-2025-11-24
#HackerNews #ShaiHuludReturns #NPMInfection #Cybersecurity #SoftwareSupplyChain #MaliciousPackages
-
Shai-Hulud Returns: Over 300 NPM Packages Infected
https://helixguard.ai/blog/malicious-sha1hulud-2025-11-24
#HackerNews #ShaiHuludReturns #NPMInfection #Cybersecurity #SoftwareSupplyChain #MaliciousPackages
-
Shai-Hulud Returns: Over 300 NPM Packages Infected
https://helixguard.ai/blog/malicious-sha1hulud-2025-11-24
#HackerNews #ShaiHuludReturns #NPMInfection #Cybersecurity #SoftwareSupplyChain #MaliciousPackages
-
Shai-Hulud Returns: Over 300 NPM Packages Infected
https://helixguard.ai/blog/malicious-sha1hulud-2025-11-24
#HackerNews #ShaiHuludReturns #NPMInfection #Cybersecurity #SoftwareSupplyChain #MaliciousPackages
-
WhatsApp devs, beware: rogue npm packages disguised as legit libraries can unleash a data wipe (rm -rf *) and hide a secret exfiltration function. How safe is your code when even kill switches are in play? Dive deeper.
https://thedefendopsdiaries.com/unmasking-malicious-npm-packages-targeting-whatsapp-developers/
#npmsecurity
#whatsappdevelopers
#supplychainattack
#cybersecurity
#maliciouspackages -
WhatsApp devs, beware: rogue npm packages disguised as legit libraries can unleash a data wipe (rm -rf *) and hide a secret exfiltration function. How safe is your code when even kill switches are in play? Dive deeper.
https://thedefendopsdiaries.com/unmasking-malicious-npm-packages-targeting-whatsapp-developers/
#npmsecurity
#whatsappdevelopers
#supplychainattack
#cybersecurity
#maliciouspackages -
WhatsApp devs, beware: rogue npm packages disguised as legit libraries can unleash a data wipe (rm -rf *) and hide a secret exfiltration function. How safe is your code when even kill switches are in play? Dive deeper.
https://thedefendopsdiaries.com/unmasking-malicious-npm-packages-targeting-whatsapp-developers/
#npmsecurity
#whatsappdevelopers
#supplychainattack
#cybersecurity
#maliciouspackages -
Some npm packages disguised as helpful utilities have been found wiping entire directories. How are these digital saboteurs sneaking into projects, and what can you do to stop them? Find out more.
#npmsecurity
#maliciouspackages
#softwaredevelopment
#cybersecurity
#supplychainsecurity -
Some npm packages disguised as helpful utilities have been found wiping entire directories. How are these digital saboteurs sneaking into projects, and what can you do to stop them? Find out more.
#npmsecurity
#maliciouspackages
#softwaredevelopment
#cybersecurity
#supplychainsecurity -
Some npm packages disguised as helpful utilities have been found wiping entire directories. How are these digital saboteurs sneaking into projects, and what can you do to stop them? Find out more.
#npmsecurity
#maliciouspackages
#softwaredevelopment
#cybersecurity
#supplychainsecurity -
Ever downloaded a package that turned out to be a Trojan? Malicious NPM packages are using typosquatting and stealth tactics to sneak into development environments. How secure is your code?
#npmsecurity
#maliciouspackages
#softwaredevelopment
#cybersecurity
#dataprotection -
Ever downloaded a package that turned out to be a Trojan? Malicious NPM packages are using typosquatting and stealth tactics to sneak into development environments. How secure is your code?
#npmsecurity
#maliciouspackages
#softwaredevelopment
#cybersecurity
#dataprotection -
Ever downloaded a package that turned out to be a Trojan? Malicious NPM packages are using typosquatting and stealth tactics to sneak into development environments. How secure is your code?
#npmsecurity
#maliciouspackages
#softwaredevelopment
#cybersecurity
#dataprotection -
Sophisticated npm Attack Highlights Software Supply Chain Vulnerabilities
#npmattack
#softwaresupplychain
#cybersecurity
#opensourcesecurity
#maliciouspackages -
Sophisticated npm Attack Highlights Software Supply Chain Vulnerabilities
#npmattack
#softwaresupplychain
#cybersecurity
#opensourcesecurity
#maliciouspackages -
OpenSSF Malicious Packages: This repository is a collection of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerability (OSV) format: https://github.com/ossf/malicious-packages
-
OpenSSF Malicious Packages: This repository is a collection of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerability (OSV) format: https://github.com/ossf/malicious-packages
-
OpenSSF Malicious Packages: This repository is a collection of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerability (OSV) format: https://github.com/ossf/malicious-packages
-
I had #ChatGPT write a #Python script to scan my machines for the infected packages mentioned in this @BleepingComputer article. I've tested it on my work laptop and that is it. Please feel free to test it out and let me know if it works.
https://github.com/ludothegreat/Python-Package-Security-Scanner
#PythonSecurity #MaliciousPackages #DataProtection #PythonScript #InfoSec #cybersecurity #PythonPackages
-
I had #ChatGPT write a #Python script to scan my machines for the infected packages mentioned in this @BleepingComputer article. I've tested it on my work laptop and that is it. Please feel free to test it out and let me know if it works.
https://github.com/ludothegreat/Python-Package-Security-Scanner
#PythonSecurity #MaliciousPackages #DataProtection #PythonScript #InfoSec #cybersecurity #PythonPackages
-
I had #ChatGPT write a #Python script to scan my machines for the infected packages mentioned in this @BleepingComputer article. I've tested it on my work laptop and that is it. Please feel free to test it out and let me know if it works.
https://github.com/ludothegreat/Python-Package-Security-Scanner
#PythonSecurity #MaliciousPackages #DataProtection #PythonScript #InfoSec #cybersecurity #PythonPackages
-
I had #ChatGPT write a #Python script to scan my machines for the infected packages mentioned in this @BleepingComputer article. I've tested it on my work laptop and that is it. Please feel free to test it out and let me know if it works.
https://github.com/ludothegreat/Python-Package-Security-Scanner
#PythonSecurity #MaliciousPackages #DataProtection #PythonScript #InfoSec #cybersecurity #PythonPackages
-
I had #ChatGPT write a #Python script to scan my machines for the infected packages mentioned in this @BleepingComputer article. I've tested it on my work laptop and that is it. Please feel free to test it out and let me know if it works.
https://github.com/ludothegreat/Python-Package-Security-Scanner
#PythonSecurity #MaliciousPackages #DataProtection #PythonScript #InfoSec #cybersecurity #PythonPackages