The Hacker News

Over 67,000 Fake npm Packages Flood Registry in Worm-Like Spam Attack

The coordinated campaign has so far published as many as 46,484 packages, according to SourceCodeRED security researcher Paul ...
Infosecurity Magazine

“IndonesianFoods” npm Worm Publishes 44,000 Malicious Packages

“After GlassWorm showed how quickly a malicious package could self-replicate across npm, and the chalk/debug hijacking ...

Hackers found a way to weaponize CAPTCHA pages, and it's incredibly effective

A year of escalating social-engineering attacks has produced one of the most efficient infection chains observed to date. Known as ClickFix, this method requires only that ...
SecurityWeek

Tens of Thousands of Malicious NPM Packages Distribute Self-Replicating Worm

A threat actor has published tens of thousands of malicious NPM packages that contain a self-replicating worm, security researchers warn.