This typosquatting attack on npm went undetected for 2 weeks

by
from The Register on (#2Y79H)
Story ImageLookalike npm packages grabbed stored credentials

A two-week-old campaign to steal developers' credentials using malicious code distributed through npm, the Node.js package management registry, has been halted with the removal of 39 malicious npm packages."

External Content
Source RSS or Atom Feed
Feed Location http://www.theregister.co.uk/headlines.atom
Feed Title The Register
Feed Link https://www.theregister.com/
Feed Copyright Copyright © 2025, Situation Publishing
Reply 0 comments