Tagged: Eslint

July 25, 2025

npm Supply Chain Attack Exposes Devs to “Scavenger” Malware Via Phished Accounts

A major incident has rocked the npm ecosystem: the widely-used package eslint-config-prettier suddenly received an update devoid of any corresponding changes on GitHub. Developers quickly grew suspicious—and with good reason. The package’s maintainer later...

Cybercriminals

July 22, 2025

npm Supply Chain Attack Exploited in the Wild – Phishing Steals Maintainer Tokens, Injects Malware into Popular Packages

Hackers have successfully injected malicious code into popular npm packages by leveraging a phishing campaign against project maintainers. The attackers orchestrated a targeted campaign aimed at developers stewarding key projects and managed to steal...

Tagged: Eslint

npm Supply Chain Attack Exposes Devs to “Scavenger” Malware Via Phished Accounts

npm Supply Chain Attack Exploited in the Wild – Phishing Steals Maintainer Tokens, Injects Malware into Popular Packages

Search

Brilliantly

Content & Links