Malware Injected into 6 npm Packages After Maintainer Tokens Stolen in Phishing Attack

Security researchers have uncovered a supply chain attack in which phishing campaigns targeting npm package maintainers were used to steal their publishing tokens and inject malicious code into packages they maintain. The attack led to the distribution of compromised package versions and highlights the risk that impersonation of trusted services and malicious dependencies pose to the developer ecosystem.

Key points

  • A phishing campaign targeted npm maintainers to steal npm tokens and publish malicious package versions.
  • The injected code on Windows machines attempted to execute a DLL, risking remote code execution.
  • Developers are advised to verify package versions, enable two-factor authentication, and use scoped tokens for publishing.
  • An unrelated protestware campaign exploited language settings to target browsers with malicious scripts.
  • Arch Linux removed three AUR packages that installed Chaos RAT malware from a compromised GitHub repository.
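The advice above to verify installed package versions is easiest to act on against the lockfile rather than by hand. The following is an added example, not code from the article or from the affected projects: it walks a parsed package-lock.json (lockfile versions 1, 2 and 3) and reports every installed entry whose name@version appears in an advisory list. The package names, versions and lockfile contents here are constructed placeholders, not the six packages or versions involved in the incident; a real run would substitute the names and versions from the published advisory.

```javascript
// Added example (not from the article): audit a parsed package-lock.json for
// package versions named in an advisory list. Every name and version below
// is a constructed placeholder, not one of the packages from the incident.

// Constructed advisory list: package name -> set of compromised versions.
const ADVISORY = {
  "example-pkg": new Set(["1.2.3"]),
  "@example/ui-widgets": new Set(["4.0.1", "4.0.2"]),
};

// Derive the package name from a lockfile v2/v3 "packages" key such as
// "node_modules/@scope/name" or "node_modules/a/node_modules/b".
function nameFromLockKey(key) {
  const marker = "node_modules/";
  const idx = key.lastIndexOf(marker);
  return idx === -1 ? key : key.slice(idx + marker.length);
}

// Return every installed entry whose name@version is in the advisory list.
// Handles the flat "packages" map (lockfile v2/v3) and the nested
// "dependencies" tree (lockfile v1), including nested node_modules copies.
function findCompromised(lock, advisory = ADVISORY) {
  const hits = [];
  const check = (name, version, where) => {
    const bad = advisory[name];
    if (bad && bad.has(version)) hits.push({ name, version, where });
  };

  if (lock.packages) {
    for (const [key, entry] of Object.entries(lock.packages)) {
      if (key === "") continue; // root project entry, not a dependency
      check(entry.name || nameFromLockKey(key), entry.version, key);
    }
    return hits;
  }

  const walk = (deps, prefix) => {
    for (const [name, entry] of Object.entries(deps || {})) {
      const where = `${prefix}node_modules/${name}`;
      check(name, entry.version, where);
      walk(entry.dependencies, `${where}/`);
    }
  };
  walk(lock.dependencies, "");
  return hits;
}

// Constructed lockfile v3 sample: one direct hit, one scoped hit, and a
// nested copy of example-pkg at a version that is NOT in the advisory.
const SAMPLE_LOCK_V3 = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/example-pkg": { version: "1.2.3" },
    "node_modules/left-pad": { version: "1.3.0" },
    "node_modules/@example/ui-widgets": { version: "4.0.2" },
    "node_modules/@example/ui-widgets/node_modules/example-pkg": { version: "1.2.2" },
  },
};

// Constructed lockfile v1 sample with a nested compromised dependency.
const SAMPLE_LOCK_V1 = {
  lockfileVersion: 1,
  dependencies: {
    "example-pkg": {
      version: "1.2.3",
      dependencies: { "@example/ui-widgets": { version: "4.0.1" } },
    },
    lodash: { version: "4.17.21" },
  },
};

// Demo run over the constructed samples; on a real project you would parse
// the repository's package-lock.json and fail CI when the list is non-empty.
for (const hit of findCompromised(SAMPLE_LOCK_V3)) {
  console.log(`COMPROMISED ${hit.name}@${hit.version} at ${hit.where}`);
}
```

The lockfile is the right place to check because it records every transitive copy actually installed, including nested duplicates under a parent package's own node_modules, which a glance at package.json would miss.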

Read More: https://thehackernews.com/2025/07/malware-injected-into-6-npm-packages.html