npm Archives • Daily CyberSecurity

Four undici Vulnerabilities Affect a Package With 133M Weekly Downloads undici vulnerabilities in the Node.js HTTP client affecting a package with 133M weekly downloads

undici vulnerabilities in the Node.js HTTP client affecting a package with 133M weekly downloads

Four undici Vulnerabilities Affect a Package With 133M Weekly Downloads

Do Son June 22, 2026

TL;DR Maintainers have disclosed four undici vulnerabilities in the widely used Node.js HTTP client. The package draws...

Mastra Supply Chain Attack Compromises 140+ npm Packages Mastra supply chain attack delivering an npm infostealer through the typosquatted easy-day-js dependency during npm install

Mastra supply chain attack delivering an npm infostealer through the typosquatted easy-day-js dependency during npm install

Mastra Supply Chain Attack Compromises 140+ npm Packages

Do Son June 17, 2026

A sweeping Mastra supply chain attack has hit the JavaScript ecosystem hard. Security firm Socket detected the...

Vitest RCE Vulnerability (CVSS 9.8): Public PoC Disclosed for Testing Tool With 57M Weekly Downloads (CVE-2026-53633) Vitest RCE vulnerability CVE-2026-53633, Browser Mode RCE, config file overwrite Vitest remote code execution critical 9.8 CVSS flaws

Vitest RCE vulnerability CVE-2026-53633, Browser Mode RCE, config file overwrite Vitest remote code execution critical 9.8 CVSS flaws

Vitest RCE Vulnerability (CVSS 9.8): Public PoC Disclosed for Testing Tool With 57M Weekly Downloads (CVE-2026-53633)

Do Son June 16, 2026

A critical Vitest RCE vulnerability has put a hugely popular testing framework in the spotlight. Tracked as...

Minirat’s Stealth Supply Chain Attack Targets macOS Developers Minirat macOS Malware Go-based RAT

Minirat’s Stealth Supply Chain Attack Targets macOS Developers

Do Son May 1, 2026

Security researchers at Iru have detailed a sophisticated new threat targeting macOS users through the software supply...

The Malware Factory: Unmasking the 108-Package North Korean Siege on npm npm Supply Chain Attack DPRK Malware Factory

The Malware Factory: Unmasking the 108-Package North Korean Siege on npm

Do Son April 29, 2026

Cybersecurity researchers at Panther Threat Research have released a detailed exposé on a massive, coordinated npm malware...

TeamPCP Hijacks Checkmarx in Sprawling Supply Chain Strike Checkmarx Supply Chain Attack TeamPCP

TeamPCP Hijacks Checkmarx in Sprawling Supply Chain Strike

Do Son April 23, 2026

The cybersecurity world is facing a sprawling supply chain compromise as official distribution channels for Checkmarx, a...

The Next.js Nightmare? Vercel Investigates “Critical” Internal Breach and Supply Chain Threat Vercel Supply Chain Next.js Security

The Next.js Nightmare? Vercel Investigates “Critical” Internal Breach and Supply Chain Threat

Do Son April 19, 2026

The global development community is on high alert following reports of a major security incident at Vercel,...

North Korea’s “OtterCookie” Hides Inside Benign npm Wrappers Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

Seedworm Espionage Campaign 2026 ChromElevator Stealer DLL Sideloading SIM Swapping Crypto Theft Lazarus Comebacker, Aerospace Espionage Delete PlugX Malware

North Korea’s “OtterCookie” Hides Inside Benign npm Wrappers

Do Son April 16, 2026

A new investigative report from Panther has identified a dangerous cluster of malicious packages lurking within the...

The 1,700-Package Blitz: North Korea’s “Contagious Interview” Infiltrates Every Major Dev Registry Contagious Interview Malicious Packages

The 1,700-Package Blitz: North Korea’s “Contagious Interview” Infiltrates Every Major Dev Registry

Do Son April 8, 2026

Researchers at Socket have identified a massive new cluster of malicious packages linked to North Korea’s notorious...

Malicious VeloraDEX SDK Compromises Developer Machines via npm npm Supply Chain Attack @velora-dex/sdk Malware

Malicious VeloraDEX SDK Compromises Developer Machines via npm

Do Son April 8, 2026

Security researchers at StepSecurity have sounded the alarm on a compromised version of the @velora-dex/sdk package. On...

The Human Variable: How a Masterful Phishing Ruse Hijacked Axios and 100 Million Users Axios proxy vulnerabilities prototype pollution gadget Axios Vulnerability Cloud Hijacking Axios npm supply chain attack Axios Vulnerability Node.js DoS CVE-2025-58754 CVE-2025-27152 Axios Vulnerability, Form-Data Flaw

Axios proxy vulnerabilities prototype pollution gadget Axios Vulnerability Cloud Hijacking Axios npm supply chain attack Axios Vulnerability Node.js DoS CVE-2025-58754 CVE-2025-27152 Axios Vulnerability, Form-Data Flaw

The Human Variable: How a Masterful Phishing Ruse Hijacked Axios and 100 Million Users

Do Son April 3, 2026

The esteemed open-source library Axios, a staple of the contemporary industry, recently fell victim to a cyber...

183 Million Targets: Inside the North Korean Supply Chain Strike on Axios and the WAVESHAPER Backdoor axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

183 Million Targets: Inside the North Korean Supply Chain Strike on Axios and the WAVESHAPER Backdoor

Do Son April 1, 2026

The Google Threat Intelligence Group (GTIG) has issued an urgent warning regarding a sophisticated software supply chain...

Anthropic Accidentally Leaks Claude Code’s “Secret Sauce” via npm Blunder Booking.com Data Breach Claude Code Leak Anthropic Source Code YggTorrent data breach PS5 BootROM key leak 2026, PlayStation 5 unpatchable jailbreak Great Firewall data leak Dating App Breach, Tea App Leak 23andMe Data Leak

Booking.com Data Breach Claude Code Leak Anthropic Source Code YggTorrent data breach PS5 BootROM key leak 2026, PlayStation 5 unpatchable jailbreak Great Firewall data leak Dating App Breach, Tea App Leak 23andMe Data Leak

Anthropic Accidentally Leaks Claude Code’s “Secret Sauce” via npm Blunder

Do Son March 31, 2026

In a major configuration oversight, the source code for Claude Code—Anthropic’s flagship agentic CLI tool—was recently leaked...

Axios Under Siege: Critical npm Supply Chain Attack Hijacks Lead Maintainer to Drop Multi-Platform RAT TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

TanStack Typosquatting npm Supply Chain Attack Axios Supply Chain Attack npm Poisoning eScan Supply Chain Attack Antivirus Compromise APT-36, NCERT WhatsApp Advisory FBI alert, Salesforce Salt Typhoon, APT group ConnectWise ScreenConnect hack Nation-state cyberattack FortiGate Leak - zkLend vulnerability - TRIPLESTRENGTH Threat Actor Group Dark Storm

Axios Under Siege: Critical npm Supply Chain Attack Hijacks Lead Maintainer to Drop Multi-Platform RAT

Do Son March 31, 2026

Security researchers at StepSecurity have issued an emergency warning regarding a high-stakes supply chain attack targeting axios,...

The Weakest Link: Popular Node.js Config Library “Convict” Hit by Prototype Pollution Prototype Pollution node-convict Vulnerability

The Weakest Link: Popular Node.js Config Library “Convict” Hit by Prototype Pollution

Do Son March 30, 2026

A critical vulnerability has been uncovered in node-convict, the widely used configuration management library designed to make...

CVE-2026-1245: Code Injection Flaw Hits Node.js binary-parser WD Discovery Vulnerability CVE-2025-30248 binary-parser Vulnerability CVE-2026-1245 H3C RCE Vulnerability CVE-2025-60262 Telenium RCE, CVE-2025-10659 Fuel station security, ICS vulnerabilities FreePBX vulnerability CVE-2024-9478 & CVE-2024-9479 SysTrack Vulnerability, Privilege Escalation

WD Discovery Vulnerability CVE-2025-30248 binary-parser Vulnerability CVE-2026-1245 H3C RCE Vulnerability CVE-2025-60262 Telenium RCE, CVE-2025-10659 Fuel station security, ICS vulnerabilities FreePBX vulnerability CVE-2024-9478 & CVE-2024-9479 SysTrack Vulnerability, Privilege Escalation

CVE-2026-1245: Code Injection Flaw Hits Node.js binary-parser

Do Son January 22, 2026

Developers using the popular binary-parser library for Node.js are being urged to update their dependencies immediately following...

Supply Chain Alert: Critical Code Injection Flaw (CVSS 9.3) in Orval CVE-2026-25141 Orval Vulnerability CVE-2026-23947

Supply Chain Alert: Critical Code Injection Flaw (CVSS 9.3) in Orval

Do Son January 22, 2026

Developers relying on orval to generate type-safe clients from OpenAPI specifications are being urged to update immediately...

NodeCordRAT: The Trojan Hiding in NPM to Steal Crypto via Discord NodeCordRAT NPM Supply Chain Attack

NodeCordRAT: The Trojan Hiding in NPM to Steal Crypto via Discord

Do Son January 9, 2026

The open-source ecosystem has once again been weaponized, this time targeting developers working with cryptocurrency libraries. In...

“LotusBail” Trap: 56,000 Developers Downloaded a Fake WhatsApp API That Works perfectly—While Stealing Everything

Do Son December 25, 2025

A new investigation by Koi Security has exposed a highly sophisticated supply chain attack lurking in the...

Hackers Weaponize npm to Hunt Critical Infrastructure Sales Teams Supply Chain Phishing, npm Abuse

Hackers Weaponize npm to Hunt Critical Infrastructure Sales Teams

Do Son December 25, 2025

A new investigation by The Socket Threat Research Team has uncovered a sophisticated spear-phishing operation that has...

Critical Alert 1 Active Exploit Detected Today