#npmattack search results

⚠️ Socket Research uncovered 10 malicious npm packages using 4 layers of obfuscation & fake CAPTCHAs to steal credentials across Windows, Linux & macOS! Over 9,900 downloads since July ‘25. Audit your npm dependencies NOW! #Cybersecurity #npmattack #SupplyChainSecurity 🔐⬇️

ReversingLabs uncovered Shai-hulud, a self-replicating npm worm targeting dev accounts to inject malicious scripts stealing tokens and exfiltrating data from npm, GitHub, AWS, GCP affecting ngx-bootstrap and others. #npmAttack #GitHubBreach #USA ift.tt/DNGy30A

PhantomRaven campaign floods npm with credential-stealing packages using remote dynamic dependencies. Malicious packages mimic tools like GitLab to harvest tokens and secrets. #PhantomRaven #JavaScriptSecurity #npmAttack ift.tt/9eGpDBl

A malicious npm package, https-proxy-utils, deployed the AdaptixC2 post-exploitation agent via a post-install script targeting Windows, macOS, and Linux using DLL sideloading and LaunchAgents. #npmAttack #AdaptixC2 #Russia ift.tt/qGm0HsC

I just published Shai‑Hulud NPM Supply Chain Attack 2025 medium.com/p/shai-hulud-n… #npmattack #npmpackages #codesecurity #codereviews

hi guys.... this package seems not to exist and on top of that, synopsys/blackduck picked up this tweet and tried to correct it to expressjs 5.1.0 and double down the mistake. @Synopsys #shaihulud #NPMAttack

Google patches Chrome zero-day, npm hit by supply chain attack, and LinkedIn faces AI data harvesting controversy. #ChromeZeroDay #npmAttack #LinkedInAIControversy turtlen3ws.blogspot.com/2025/09/chrome…

The "Shai-Hulud" worm targets the npm ecosystem, compromising over 180 packages by harvesting developer credentials and using stolen tokens to publish malicious updates. Likely LLM-assisted script generation. #npmAttack #SupplyChain #USA ift.tt/1mvY7Da

gist.github.com/levidehaan/929… If you need to search your projects for packages in the most recent #npm breach of security you can run this script. you need ripgrep installed. #npmattack #security #npmsecurity

Ongoing "Shai-Halud" supply chain attack compromises 100+ npm packages from crowdstrike-publisher, injecting bundle.js to steal credentials and persist in CI pipelines via shai-hulud workflows. #ShaiHalud #npmAttack #USA ift.tt/GBFV5rj

A self-propagating worm infected nearly 200 NPM packages, including some from CrowdStrike, targeting credentials and sensitive data. CrowdStrike removed compromised packages; Falcon platform remains secure. #SupplyChain #NPMAttack #USA ift.tt/FMvKofS

The latest NPM supply chain attack was a wake-up call for Web3. It showed that luck is not a long-term security strategy. It's on all of us to build a more resilient ecosystem. Let's work together. #NPMAttack

@Rabby_io Comentó hace 3 días que no hace uso de ninguno de los paquetes afectados de npm #NPMAttack

SEAL: The largest npm attack in crypto history was actually just over $50. Not a total failure after all. A lesson in not underestimating the power of smaller attacks! #SEAL #NpmAttack

$50 theft: Largest npm attack in crypto history stole less than $50 🤑 Not as big a deal as it sounds. But still, a huge warning sign for the industry. #NpmAttack #CryptoSecurity

Crypto users be cautious! ⚠ NPM attack injects malware into core JavaScript libraries #CryptoSecurity #NPMAttack

Highly popular npm packages poisoned in new Supply Chain Attack. Designed to intercept cryptocurrency transactions, the malicious code reached 10% of cloud environments. #Security #cybersecurity #NPMAttack

A major NPM supply chain attack hit packages like ansi-styles and chalk, affecting 10% of cloud environments. Attackers earned only $600 via cryptojacking after phishing maintainers to bypass 2FA. #NPMAttack #SupplyChain #CloudSecurity ift.tt/Dfz6wHo

bun audit ! #NPMAttack

⚠️ ALERT: #NPMAttack #MEXC     #Tesla #Apple #Binance     #Spain #Turkey #Japan #CryptoRecovery #todayusa #BBCNews #CNN A withdrawal #scam is trapping users’ funds! If your crypto is locked, act immediately — contact me for expert recovery help before it’s lost forever! #HBAR

⚠️ ALERT: #NPMAttack #MEXC      #Tesla #Apple #Binance      #Spain #Turkey #Japan #CryptoRecovery #todayusa #BBCNews #CNN A withdrawal #scam is trapping users’ funds! If your crypto is locked, act immediately — contact me for expert recovery help before it’s lost forever! #HBAR

@Conste11ation 's Digital Evidence matters! #NPMAttack 🔒 Tamper-proof records of code + dependencies 🔍 Verifiable origins 🛡️ Protection with Smart Checkmark ✅ Constellation’s Smart Checkmark makes sure code + dependencies are tamper-proof. If it’s compromised, no checkmark.

Ohh Devs 👨‍💻 #npmattack #hack #web3

@Conste11ation 's Digital Evidence matters. #NPMAttack 🔒 Tamper-proof records of code + dependencies 🔍 Verifiable origins 🛡️ Protection with Smart Checkmark ✅ Constellation’s Smart Checkmark makes sure code + dependencies are tamper-proof. If it’s compromised, no checkmark.

⚠️ Socket Research uncovered 10 malicious npm packages using 4 layers of obfuscation & fake CAPTCHAs to steal credentials across Windows, Linux & macOS! Over 9,900 downloads since July ‘25. Audit your npm dependencies NOW! #Cybersecurity #npmattack #SupplyChainSecurity 🔐⬇️

Update on the #NPMAttack

⚠️ ALERT: #NPMAttack #MEXC     #Tesla #Apple #Binance     #Spain #Turkey #Japan #CryptoRecovery #todayusa #BBCNews #CNN A withdrawal #scam is trapping users’ funds! If your crypto is locked, act immediately — contact me for expert recovery help before it’s lost forever! #HBAR

Josh junon fue victima de pishing. Recibio el siguiente email que simulaba ser de soporte de NPM. Ante el mensaje acciono rapidamente ingresando sus credenciales. Lo que derivo en que el atacante logre publicar versiones maliciosas en paquetes y dependencias de NPM. #NPMAttack

Testnet szn paused thanks to npm 💀 #NPMAttack

No testnet now #NPMAttack

if you are unable to get rid of npm attack use this powershell script #npmhack #NPMAttack

#NPMAttack Another day another supply chain attack…

🚨 FRAUD WARNING: #NPMAttack targeting #MEXC, #Tesla, #Apple, #Binance users — withdrawals frozen! ❌ 📨 If your crypto is stuck, reach out to verified #CryptoRecovery professionals now for secure assistance. #CryptoScam #HBAR #CryptoSecurity #FraudAlert

Although npm has been compromised, your site is probably not affected. Read this article to help you keep calm and avoid panicking, while still keeping an eye on web security: metadrop.net/en/articles/np… #SupplyChainAttack #npmSecurity #npmAttack

The latest NPM supply chain attack was a wake-up call for Web3. It showed that luck is not a long-term security strategy. It's on all of us to build a more resilient ecosystem. Let's work together. #NPMAttack

🚨 New npm attack discovered! Two malicious packages, ethers-provider2 and ethers-providerz, embed reverse shell backdoors in legitimate code, allowing long-term access. Developers beware! 🔒 #npmAttack #MaliciousPackages #USA link: ift.tt/6btCJUT

✅ Marked safe The recent npm/web3.js hack does not affect @optrade_ai. Your trades and strategies are secure. Trade confidently. Stay protected. 🚀📈 #NPMAttack #optr

⚠️ ALERT: #NPMAttack #MEXC #Tesla #Apple #Binance #Spain #Turkey #Japan 🚫 Withdrawal scam trapping user funds! 💸 If your crypto is locked, act fast — DM me now for expert #CryptoRecovery before it’s gone. #HBAR #BBCNews #CNN #todayusa #CryptoScam

🚨 In a shocking turn of events, the largest npm attack in crypto history only stole less than $50! This highlights the importance of security in the crypto space. Stay safe out there! 🔒 #CryptoSecurity #npmAttack

⚠️ ALERT: #NPMAttack #MEXC      #Tesla #Apple #Binance      #Spain #Turkey #Japan #CryptoRecovery #todayusa #BBCNews #CNN A withdrawal #scam is trapping users’ funds! If your crypto is locked, act immediately — contact me for expert recovery help before it’s lost forever! #HBAR