npm Archives • Page 2 of 4 • Daily CyberSecurity

Node.js Alert: systeminformation Flaw Risks Windows RCE for 16M+ Monthly Users systeminformation RCE, Node.js Command Injection

Node.js Alert: systeminformation Flaw Risks Windows RCE for 16M+ Monthly Users

Do Son December 18, 2025

A high-severity vulnerability has been uncovered in systeminformation, a massively popular Node.js library used by millions of...

Critical node-forge Flaw (CVE-2025-12816) Allows Signature Verification Bypass via ASN.1 Manipulation (21M Downloads/Week) node-forge Signature Bypass, ASN.1 Vulnerability

node-forge Signature Bypass, ASN.1 Vulnerability

Critical node-forge Flaw (CVE-2025-12816) Allows Signature Verification Bypass via ASN.1 Manipulation (21M Downloads/Week)

Do Son November 26, 2025

CERT/CC has issued a warning about a high-impact cryptographic vulnerability in the Forge JavaScript library — also...

npm Supply Chain Attack: Hackers Use Adspect Cloaking and Fake Crypto CAPTCHA to Deceive Victims and Researchers npm Adspect Cloaking, Fake Crypto CAPTCHA

npm Adspect Cloaking, Fake Crypto CAPTCHA

npm Supply Chain Attack: Hackers Use Adspect Cloaking and Fake Crypto CAPTCHA to Deceive Victims and Researchers

Do Son November 19, 2025

The Socket Threat Research Team has uncovered a highly coordinated malware campaign operating across seven npm packages,...

Record Supply Chain Attack: 150,000+ Malicious npm Packages Flooded Registry for Token Farming Rewards npm Token Farming, Supply Chain Flooding

Record Supply Chain Attack: 150,000+ Malicious npm Packages Flooded Registry for Token Farming Rewards

Do Son November 17, 2025

In one of the largest open-source supply chain incidents ever recorded, Amazon Inspector security researchers have uncovered...

Vidar Infostealer Hits npm for the First Time via 17 Typosquatted Packages and Postinstall Scripts Vidar npm Supply Chain, Typosquatting

Vidar Infostealer Hits npm for the First Time via 17 Typosquatted Packages and Postinstall Scripts

Do Son November 10, 2025

Researchers at Datadog Security Research have uncovered a major supply-chain compromise in the npm ecosystem involving 17...

PhantomRaven: 126 Malicious npm Packages Steal Developer Tokens and Secrets Using Hidden Dependencies npm RDD Supply Chain, Slopsquatting

PhantomRaven: 126 Malicious npm Packages Steal Developer Tokens and Secrets Using Hidden Dependencies

Do Son October 31, 2025

Koi Security has uncovered a massive supply-chain campaign dubbed PhantomRaven, which has silently infected the npm ecosystem...

npm Typosquat Campaign: 10 Malicious Packages Deliver PyInstaller Infostealer via Fake CAPTCHA npm Typosquatting, PyInstaller Stealer

npm Typosquat Campaign: 10 Malicious Packages Deliver PyInstaller Infostealer via Fake CAPTCHA

Do Son October 30, 2025

The Socket Threat Research Team has uncovered an extensive supply chain attack targeting the npm ecosystem, involving...

Stealth C2: Hackers Abuse Discord Webhooks for Covert Data Exfiltration in npm, PyPI, and RubyGems Supply Chain Attacks SolyxImmortal Malware Python Info-Stealer Discord Webhook C2, Supply Chain Abuse

SolyxImmortal Malware Python Info-Stealer Discord Webhook C2, Supply Chain Abuse

Stealth C2: Hackers Abuse Discord Webhooks for Covert Data Exfiltration in npm, PyPI, and RubyGems Supply Chain Attacks

Do Son October 14, 2025

The Socket Threat Research Team has uncovered a growing trend among malicious package developers: leveraging Discord webhooks...

North Korean APT “Contagious Interview” Floods npm Registry with 338 Malicious Packages to Steal Crypto North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

North Korean Laptop Farm DPRK Insider Threat North Korea WMD Cyber Funding, Australia Sanctions Insider threat, North Korean hackers Kimsuky, cyber-espionage NPM Malware, North Korea Cyber-espionage North Korea, Remote IT Job Scam Laptop Farm - DriverEasy - Kimsuky Watering Hole Attack

North Korean APT “Contagious Interview” Floods npm Registry with 338 Malicious Packages to Steal Crypto

Do Son October 11, 2025

The Socket Threat Research Team has sounded the alarm on an escalating wave of malicious npm activity...

Beamglea Campaign: Hackers Abuse 175 npm Packages and unpkg CDN for Large-Scale Phishing npm Phishing, Beamglea

Beamglea Campaign: Hackers Abuse 175 npm Packages and unpkg CDN for Large-Scale Phishing

Do Son October 11, 2025

Socket’s Threat Research Team has uncovered a massive supply-chain abuse campaign leveraging npm’s public registry and unpkg.com’s...

New Malware Found in npm Package “fezbox” Uses QR Codes to Steal Credentials GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

New Malware Found in npm Package “fezbox” Uses QR Codes to Steal Credentials

Do Son September 23, 2025

The Socket Threat Research Team has uncovered a new malware campaign hiding inside an npm package called...

Shai-Hulud Supply Chain Attack Now Targets CrowdStrike’s npm Packages supply-chain-attack

Shai-Hulud Supply Chain Attack Now Targets CrowdStrike’s npm Packages

Do Son September 17, 2025

The malicious supply chain campaign dubbed “Shai-Hulud” has struck again, this time compromising multiple npm packages published...

Malicious Update to Popular NPM Package TinyColor Exposes Software Supply Chains Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Malicious Update to Popular NPM Package TinyColor Exposes Software Supply Chains

Do Son September 16, 2025

The Socket Research Team has uncovered a large-scale supply chain attack on the npm ecosystem, with more...

Massive npm Supply Chain Attack: Qix’s Account Compromised, Billions of Weekly Downloads at Risk

Do Son September 9, 2025

Socket has detected a large-scale supply chain attack in progress targeting the npm ecosystem. The account of...

Crypto as a Weapon: Malicious npm Packages Use Ethereum Smart Contracts for C2 GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

Crypto as a Weapon: Malicious npm Packages Use Ethereum Smart Contracts for C2

Do Son September 4, 2025

Researchers from ReversingLabs have discovered two malicious npm packages leveraging Ethereum smart contracts to conceal and deliver...

Malicious npm Package Masquerades as Nodemailer, Drains Crypto Wallets npm package, crypto drainer Malicious Packages Cryptocurrency Theft

Malicious npm Package Masquerades as Nodemailer, Drains Crypto Wallets

Do Son September 1, 2025

Researchers from Socket’s Threat Research Team have uncovered a dangerous npm package, nodejs-smtp, that impersonates the widely...

Nx Build System Compromise Targets Developers with AI-Enhanced Supply Chain Attack Nx supply chain attack

Nx Build System Compromise Targets Developers with AI-Enhanced Supply Chain Attack

Do Son August 27, 2025

The StepSecurity research team has issued a warning about a large-scale supply chain attack involving the popular...

CVE-2025-48387: Critical tar-fs Vulnerability Exposes Millions to Arbitrary File Writes tar-fs, directory traversal

CVE-2025-48387: Critical tar-fs Vulnerability Exposes Millions to Arbitrary File Writes

Do Son August 18, 2025

A newly disclosed vulnerability in the widely used tar-fs NPM package has raised alarms across the software...

Phishing Attack on Popular npm Package Triggers Supply Chain Compromise npm supply chain, phishing attack

Phishing Attack on Popular npm Package Triggers Supply Chain Compromise

Do Son August 16, 2025

A recent investigation by ReversingLabs has revealed how a targeted phishing attack led to the compromise of...

WhatsApp antitrust API probe India SIM-Binding Mandate Messaging App KYC WhatsApp DMA Interoperability BirdyChat Haiket Denmark Social Media Ban CVE-2025-55177 WhatsApp vulnerability, zero-click flaw npm Malware, System Wipe WhatsApp Windows App, WebView2 Downgrade WhatsApp Ban, US House NSO WhatsApp, Pegasus Spyware WhatsApp iPad iPadOS app

The WhatsApp Kill Switch: New npm Packages Use Developer’s Phone Number to Wipe Systems

Do Son August 7, 2025

Socket’s Threat Research Team has uncovered two malicious npm packages—naya-flore and nvlore-hsc—designed to target developers building WhatsApp...

Critical Alert 1 Active Exploit Detected Today