Tag: npm

NPM flooded with malicious packages downloaded more than 86,000 times

image via arstechnica.com
image via arstechnica.com

Attackers are exploiting a major weakness that has allowed them access to the NPM code repository with more than 100 credential-stealing packages since August, mostly without detection. Anyone who regularly downloads packages from NPM should check the Koi post for a list of indicators that their system has been compromised through PhantomRaven. These indicators can be used in system scans to determine whether they’ve been targeted.

https://arstechnica.com/security/2025/10/npm-flooded-with-malicious-packages-downloaded-more-than-86000-times/

Hundreds of code libraries posted to NPM try to install malware on dev machines

image via arstechnica.com
image via arstechnica.com

An ongoing attack is uploading hundreds of malicious packages to the open source node package manager (NPM) repository in an attempt to infect the devices of developers who rely on code libraries there, researchers said. The malicious packages have names that are similar to legitimate ones for the Puppeteer and Bignum.js code libraries and for various libraries for working with cryptocurrency. The campaign, which was active at the time this post was going live on Ars, was reported by researchers from the security firm Phylum. The discovery comes on the heels of a similar campaign a few weeks ago targeting developers using forks of the Ethers.js library.

https://arstechnica.com/security/2024/11/javascript-developers-targeted-by-hundreds-of-malicious-code-libraries/