Following the compromise of an ESLint maintainer’s account last week, malicious packages that attempted to steal login tokens from the npm software registry were published without authorization.
Malware & Threats
Malicious ESLint Packages Steal Software Registry Login Tokens
Following the compromise of an ESLint maintainer’s account last week, malicious packages that attempted to steal login tokens from the npm software registry were published without authorization. The post Malicious ESLint Packages Steal Software Registry Login Tokens appeared first on SecurityWeek.
Latest News
- TrueConf Zero-Day Exploited in Asian Government Attacks
- In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware
- Critical ShareFile Flaws Lead to Unauthenticated RCE
- Mobile Attack Surface Expands as Enterprises Lose Control
- React2Shell Exploited in Large-Scale Credential Harvesting Campaign
- T-Mobile Sets the Record Straight on Latest Data Breach Filing
- North Korean Hackers Drain $285 Million From Drift in 10 Seconds
- Critical Vulnerability in Claude Code Emerges Days After Source Leak
Publisher