Technology ❯ Software Development ❯ Open Source Software

Package Management

npm NPM npm Packages Dependency Management NPM Packages Node Package Manager Vulnerabilities Node.js Security Risks PyPI Crates.io RubyGems Node Package Manager (npm)

Malicious npm 'Lotusbail' Package Steals WhatsApp Data and Plants Persistent Backdoor

The package remains available on npm after public disclosure.

Shai-Hulud npm Worm Exposes 25,000+ GitHub Repos Through Trojanized Packages

Researchers Uncover 'PhantomRaven' Campaign Flooding npm With 126 Credential-Stealing Packages

Python Software Foundation Flags Active PyPI Phishing With pypi-mirror.org, Urges Immediate Password Resets

Ruby Central Assumes Temporary Administrative Control of RubyGems and Bundler

Phished npm Maintainer’s Packages Used in Crypto-Clipping Attack as Rapid Takedown Limits Damage

Nx npm Packages Compromised in 'S1ngularity' Attack With Second-Wave Exploitation Emerging