Forum: Too Lazy BBS

Hackers hijack npm packages with 2 billion weekly downloads in supply chain attack

From BleepingComputer to All on Mon Sep 8 13:31:34 2025

In what is being called the largest supply chain attack in history, attackers have injected malware into NPM packages with over 2.6 billion weekly downloads after compromising a maintainer's account in a phishing attack. [...]

https://www.bleepingcomputer.com/news/security/hackers-hijack-npm-packages-with-2-billion-weekly-downloads-in-supply-chain-attack/

From BleepingComputer to All on Mon Sep 8 17:35:20 2025

In a supply chain attack, attackers have injected malware into NPM packages with over 2.6 billion weekly downloads after compromising a maintainer's account in a phishing attack. [...]

https://www.bleepingcomputer.com/news/security/hackers-hijack-npm-packages-with-2-billion-weekly-downloads-in-supply-chain-attack/

From BleepingComputer to All on Tue Sep 9 01:45:37 2025

In a supply chain attack, attackers injected malware into NPM packages with over 2.6 billion weekly downloads after compromising a maintainer's account in a phishing attack. [...]

https://www.bleepingcomputer.com/news/security/hackers-hijack-npm-packages-with-2-billion-weekly-downloads-in-supply-chain-attack/