#npm-supply-chain-attack

[ follow ]
#github-actions-security #credential-harvesting #oidc-token-compromise #tanstack-packages
fromTanstack
1 day ago

Postmortem: TanStack npm supply-chain compromise | TanStack Blog

The malicious versions were detected publicly within 20 minutes by an external researcher ashishkurmi working for stepsecurity. All affected versions have been deprecated; npm security has been engaged to pull tarballs from the registry. We have no evidence of npm credentials being stolen, but we strongly recommend that anyone who installed an affected version on 2026-05-11 rotate AWS, GCP, Kubernetes, Vault, GitHub, npm, and SSH credentials reachable from the install host.
Node JS
Information security
fromThe Hacker News
2 months ago

North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT

North Korean threat actors deployed 26 malicious npm packages using steganography to hide command-and-control infrastructure in Pastebin essays, targeting developers with credential stealers and remote access trojans.
[ Load more ]