»Over 67,000 Fake npm Packages Flood Registry in Worm-Like Spam Attack:
-
»Over 67,000 Fake npm Packages Flood Registry in Worm-Like Spam Attack:
Cybersecurity researchers are calling attention to a large-scale spam campaign that has flooded the npm registry with thousands of fake packages since early 2024 as part of a likely financially motivated effort.«How do you check if the JavaScript libraries and their libraries on which they are based are now safe?!??
🧑
https://thehackernews.com/2025/11/over-46000-fake-npm-packages-flood.html#javascript #webdev #frontend #js #ts #typescript #npm #wormhole #spam #web #sec
-
»Over 67,000 Fake npm Packages Flood Registry in Worm-Like Spam Attack:
Cybersecurity researchers are calling attention to a large-scale spam campaign that has flooded the npm registry with thousands of fake packages since early 2024 as part of a likely financially motivated effort.«How do you check if the JavaScript libraries and their libraries on which they are based are now safe?!??
🧑
https://thehackernews.com/2025/11/over-46000-fake-npm-packages-flood.html#javascript #webdev #frontend #js #ts #typescript #npm #wormhole #spam #web #sec
»Shai Hulud ist zurück — Wurm kompromittiert erneut Hunderte NPM-Pakete:
Wer mit NPM-Paketen arbeitet, sollte dringend die Abhängigkeiten seiner Projekte überprüfen. Ein Wurm hat teils namhafte Pakete kompromittiert.«Das scheint kein Ende zu nehmen und wird mMn auch sehr viele Web-User betreffen, auch wenn die es nicht direkt merken. Dies ist jedenfalls ein Mehraufwand der WebDev's.
#npm #javascript #typescript #webdev #js #ts #shaihulud #keinende #itsicherheit #web
-
M monkee@other.li shared this topic
