SecurityWeek

Amazon Detects 150,000 NPM Packages in Worm-Powered Campaign

More than 150,000 malicious packages were published in the NPM registry as part of a recently uncovered spam campaign, Amazon ...

Thousands of fake packages flood npm registry in major attack - here's what we know

Cybersecurity researchers Endor Labs discovered more than 43,000 spam packages which took almost two years to upload in a ...