Popular configuration packages for integrating Prettier with ESLint, the widely used code formatting tools within JavaScript and TypeScript projects, were hijacked after a maintainer fell victim to a ...
Ten malicious packages mimicking legitimate software projects in the npm registry download an information-stealing component that collects sensitive data from Windows, Linux, and macOS systems. The ...
JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
A new attempt to influence AI-driven security scanners has been identified in a malicious npm package. The package, eslint-plugin-unicorn-ts-2 version 1.2.1, appeared to be a TypeScript variant of the ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results