CSOonline

Prettier-ESLint npm packages hijacked in a sophisticated supply chain attack

Popular configuration packages for integrating Prettier with ESLint, the widely used code formatting tools within JavaScript and TypeScript projects, were hijacked after a maintainer fell victim to a ...
TechRadar

More popular npm packages hijacked to spread malware

A npm package maintainer has fallen victim to a phishing attack The attackers accessed packages and updated them to carry malware Most antivirus programs are still not properly flagging the malicious ...