Supply chain attack hits Gluestack NPM packages with 960K weekly downloads
10 Articles
Malicious Python Package Quietly Targeted Cloud DevOps with Sophisticated Multi-Stage Infostealer
In the latest reminder of just how vulnerable the open-source ecosystem remains, security researchers have uncovered a stealthy, multi-stage malware campaign that infiltrated the Python Package Index (PyPI). Disguised as a benign extension for a niche sandboxing environment, the malicious package, chimera-sandbox-extensions, was anything but. The discovery, made by the JFrog Security Research team, exposes an unsettling evolution in the threat land…
Summary and analysis of the supply chain attack targeting the React Native development ecosystem
🧪 Incident: NPM Package Compromise
Target: 16 popular npm packages maintained by the GlueStack project, widely used in React Native development
Attack Type: Supply-chain malware injection
Scale: Nearly 1 million downloads per week collectively
Affected Packages: Not all disclosed yet, but include components of GlueStack CLI and DevOps plugins
🐛 Identified Malicious Activity
- 📦 Malicious code injection | Malicious script embedded into modul…
New npm threats can erase production systems with a single request
Two malicious npm packages have been found posing as legitimate utilities to silently install backdoors for complete production wipeout. According to Socket research, the packages “express-api-sync” and “system-health-sync-api” are designed for sabotage rather than financial gain or supply chain compromise, indicating a novel adversarial product for competition and state-level disruption. “Published by npm user botsailer using email anupm019@gm…
Complex npm attack uses 7-plus layers of obfuscation to spread Pulsar RAT
The package uses Japanese Unicode characters, hex encoding, Base64 and more to hide its actions. Article Link: Complex npm attack uses 7-plus layers of obfuscation to sp…
Malicious Backdoors Found in Python and npm Packages Targeting Windows and Linux
In a new wave of supply chain attacks, security researchers have uncovered multiple backdoored open-source packages uploaded to PyPI (Python Package Index) and npm (Node Package Manager). These packages are designed to target both Windows and Linux environments and have been carefully crafted to blend in with legitimate development tools. The discovery comes just as Microsoft pushes for centralized software updates across Windows devices—a move …