npm
-
North Korea-Linked Malicious npm Packages Expose Developers to Security Risks
Cybersecurity researchers have uncovered a new wave of malicious npm packages linked to North Korean threat actors, raising significant concerns for software developers. The covert operation targets job seekers and developers, exposing them to sophisticated supply chain attacks designed to steal sensitive information and compromise systems.
-
New Malicious npm Packages Target Open-Source Systems with Sophisticated Attacks
Cybersecurity researchers warn of two malicious npm packages, ethers-provider2 and ethers-providerz, designed to alter legitimate installations, providing attackers enhanced access to developer systems. The novel methods underscore the growing sophistication of software supply chain threats.
