NPM JavaScript registry suffers massive influx of malware, report says - Cyber Security News

Read Time:29 Second

The popular NPM JavaScript package manager and registry has been hit with an influx of malicious packages, the most harmful of which are related to data theft, crypto mining, botnets, and remote code execution, according to research from security company WhiteSource.

WhiteSource’s automated malware detection platform, WhiteSource Diffend, detected a total of 1,300 malicious packages on NPM, within a period of six months ended December 2021.

All the malicious packages identified by WhiteSource were notified to NPM and were subsequently removed from the package registry.

To read this article in full, please click here

More Stories

Friday Squid Blogging: Squid Sticker

A sticker for your water bottle. Blog moderation policy. Read More

December 20, 2024

Italy’s Data Protection Watchdog Issues €15m Fine to OpenAI Over ChatGPT Probe

OpenAI must also initiate a six-month public awareness campaign across Italian media, explaining how it processes personal data for AI...

December 20, 2024

Ukraine’s Security Service Probes GRU-Linked Cyber-Attack on State Registers

The Security Service of Ukraine has accused Russian-linked actors of perpetrating a cyber-attack against the state registers of Ukraine Read...

December 20, 2024

LockBit Admins Tease a New Ransomware Version

The LockBitSupp persona said LockBit 4.0 will be launched in February 2025 Read More

December 20, 2024

Webcams and DVRs Vulnerable to HiatusRAT, FBI Warns

The FBI has issued a warning about the Hiatus RAT malware targeting Xiongmai and Hikvision web cameras and DVRs, urging...

December 20, 2024

CISA Urges Encrypted Messaging After Salt Typhoon Hack

The US Cybersecurity and Infrastructure Security Agency recommended users turn on phishing-resistant MFA and switch to Signal-like apps for messaging...

December 20, 2024