New: Backdoors found in Python & NPM packages targeting Windows & Linux! Attackers use fake ‘colorama’ & ‘colorizr’ to steal data + gain remote access.

Read more: https://hackread.com/backdoors-python-npm-packages-windows-linux/

Package lurking in npm for six years waits to destroy your work https://www.developer-tech.com/news/package-lurking-npm-six-years-waits-destroy-your-work/ #npm #developers #opensource #coding #programming #javascript #cybersecurity #malware #hacking #infosec #security #tech #news #technology

#NPM: Dozens of packages have been discovered in the NPM index that attempt to collect sensitive host and network data and send it to a Discord webhook controlled by the threat actor:

https://www.bleepingcomputer.com/news/security/dozens-of-malicious-packages-on-npm-collect-host-and-network-data/

Dozens of malicious packages on #NPM collect host and network data

https://www.bleepingcomputer.com/news/security/dozens-of-malicious-packages-on-npm-collect-host-and-network-data/

Destructive #malware available in #NPM repo went unnoticed for 2 years

https://arstechnica.com/information-technology/2025/05/destructive-malware-available-in-npm-repo-went-unnoticed-for-2-years/

60 malicious npm packages caught mapping developer networks https://www.developer-tech.com/news/60-malicious-npm-packages-mapping-developer-networks/ #npm #javascript #developers #coding #programming #security #hacking #cybersecurity #infosec #malware #tech #news #technology

Malicious #NPM package uses Unicode #steganography to evade detection

https://www.bleepingcomputer.com/news/security/malicious-npm-package-uses-unicode-steganography-to-evade-detection/

#Development #Launches
ESLint can now lint HTML · The code linter delivers a new language plugin https://ilo.im/163v4b

_____
#ESLint #OpenSource #Coding #Linter #Parser #HTML #Npm #WebDev #Frontend

Malicious #npm Packages Infect 3,200+ #Cursor Users With Backdoor, Steal Credentials

https://thehackernews.com/2025/05/malicious-npm-packages-infect-3200.html

#npm: Malicious npm Packages Infect 3,200+ #Cursor IDE Users With Backdoor, Steal Credentials:

https://thehackernews.com/2025/05/malicious-npm-packages-infect-3200.html

Malicious #npm Packages Infect 3,200+ #Cursor Users With #Backdoor, Steal #Credentials

#Cybersecurity researchers have flagged 3 malicious npm packages that are designed to target the Apple #macOS version of Cursor

"Disguised as developer tools offering 'the cheapest Cursor API,' these packages steal user credentials, fetch an encrypted payload from threat actor-controlled infrastructure, overwrite Cursor's main.js file, & disable auto-updates to maintain persistence,"

https://thehackernews.com/2025/05/malicious-npm-packages-infect-3200.html

https://www.europesays.com/de/97674/ Remote-Access-Trojaner in npm-Paket mit 40.000 wöchentlichen Downloads gefunden #Deutschland #Germany #IT #JavaScript #npm #paketmanager #Python #Science #Science&Technology #Security #SoftwareSupplyChain #Softwareentwicklung #SupplyChainSecurity #Technik #Technology #Trojaner #Wissenschaft #Wissenschaft&Technik

Supply chain attack hits #npm package with 45,000 weekly downloads

https://www.bleepingcomputer.com/news/security/supply-chain-attack-hits-npm-package-with-45-000-weekly-downloads/

Supply Chain Attack Exposes Vulnerabilities in Popular npm Package

A recent supply chain attack has compromised the widely-used npm package 'rand-user-agent', injecting malicious code that activates a remote access trojan (RAT). With 45,000 weekly downloads, this inc...

https://news.lavx.hu/article/supply-chain-attack-exposes-vulnerabilities-in-popular-npm-package

Supply Chain Attack Exposes Vulnerabilities in Popular npm Package

A recent supply chain attack has compromised the widely-used npm package 'rand-user-agent', injecting malicious code that activates a remote access trojan (RAT). With 45,000 weekly downloads, this inc...

https://news.lavx.hu/article/supply-chain-attack-exposes-vulnerabilities-in-popular-npm-package

Not sure if I should laugh at #Github #NPM or #WordPress here. Probably all three.

https://github.com/WordPress/gutenberg/blame/trunk/package-lock.json

Newpeak Metals ( #NPM ) has released " Termination of AusVan SPA and Resignation of Director " on Tue 06 May at 09:57 AEST #today #Metals #ltd #ASX #Tech
https://grafa.com/asset/newpeak-metals-ltd-8715-npm.asx?utm_source=asxmktsensitive&utm_medium=mastodon&utm_campaign=npm.asx

Malware Campaign Targets NPM: A Deep Dive into the Threat Landscape

A recent investigation by Socket has unveiled a sophisticated malware campaign targeting the NPM ecosystem, utilizing deceptive library names to infiltrate Node.js applications. This article explores ...

https://news.lavx.hu/article/malware-campaign-targets-npm-a-deep-dive-into-the-threat-landscape

It's crazy that `graphql-depth-limit` (with its Git repository removed and not being updated for 8 years) has 750k weekly downloads, while the actual `@graphile/depth-limit` library (updated, typed, from a GraphQL maintainer) has only 400 downloads.

A malicious npm package, crypto-encrypt-ts, impersonating #CryptoJS was downloaded 1,900+ times before being caught. It targets crypto wallets and #MongoDB data, with code suggesting Turkish origins.

Read more: https://hackread.com/npm-malware-crypto-wallets-mongodb-turkey-code/