Hundreds more packages found in malicious npm ‘factory 

1 min.

March 28, 2022

Researchers continue to investigate a wave of malicious npm packages, with the published tally now reaching over 700.

Last week, JFrog researchers disclosed the scheme in which an unknown threat actor had published at least 200 malicious Node Package Manager (npm) packages. The team said that the repositories were first detected on March 21 and grew rapidly, with each npm package deliberately named to mimic legitimate software.

Read More

Want to learn more? Here are some additional pieces for you to read.