Search
START TYPING AND PRESS ENTER TO SEARCH
Blog

Checkmarx Finds Threat Actor ‘Fully Automating’ NPM Supply Chain Attacks 

Threat hunters at Checkmarx on Monday raised an alarm after discovering a threat actor fully automating the creation and delivery of “hundreds of malicious packages” into the NPM ecosystem. The Checkmarx warning comes on the heels of Snyk’s discovery of “deliberate sabotage” of NPM package managers and raises new concerns about the software supply chain threat landscape.
Facebook
Linkedin
Twitter
Youtube
Envelope
Facebook Linkedin Twitter Youtube Envelope
About the Author
Editor

Editor

See All Blogs >
Editor

Editor

See All Blogs >
About the Author

More Resources to Consider

CVE-2022-37734: graphql-java Denial-of-Service
March 30, 2023
From Zero to AppSec Anti-Hero: How AI Brings More Security Issues Than It Fixes
March 17, 2023
CocoaPods Subdomain Hijacked: This is How
March 2, 2023
How NPM Packages Were Used to Spread Phishing Links
February 21, 2023
Checkmarx is constantly pushing the boundaries of Application Security Testing to make security seamless and simple for the world’s developers and security teams. As the AppSec testing leader, we deliver the unparalleled accuracy, coverage, visibility, and guidance our customers need to build tomorrow’s software securely and at speed.
ABOUT CHECKMARX
REQUEST A DEMO
CAREERS WITH US
Solutions
Industry
Solutions For
Services
Partners
Company
Resources
Community
Linkedin Twitter Youtube Facebook

Terms of Use | Checkmarx Privacy Policy | Checkmarx.com Cookie Policy

©2023 Checkmarx Ltd. All Rights Reserved. iISO/IEC 27001:2013 Certified

Skip to content