A large-scale, automated typosquatting attack saw 200+ malicious packages flood the npm code repository, targeting popular Azure scopes.
Threatpost
Posts tagged "Packages"
Thousands of Malicious npm Packages Threaten Web Apps
Attackers increasingly are using malicious JavaScript packages to steal data, engage in cryptojacking and unleash botnets, offering a wide supply-chain attack surface for threat actors.
Threatpost
Malicious PyPI Code Packages Rack Up Thousands of Downloads
The Python code repository was infiltrated by malware bent on data exfiltration from developer apps and more.
Threatpost
Malicious npm Code Packages Built for Hijacking Discord Servers
The lurking code-bombs lift Discord tokens from users of any applications that pulled the packages into their code bases.
Threatpost