Checkmarx Finds Threat Actor ‘Fully Automating’ NPM Supply Chain Attacks 

1 min.

March 28, 2022

Threat hunters at Checkmarx on Monday raised an alarm after discovering a threat actor fully automating the creation and delivery of “hundreds of malicious packages” into the NPM ecosystem.

The Checkmarx warning comes on the heels of Snyk’s discovery of “deliberate sabotage” of NPM package managers and raises new concerns about the software supply chain threat landscape.

Read More

Want to learn more? Here are some additional pieces for you to read.