Tag: npm
PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials
The compromise cascaded from PyPI to npm to Packagist when a transitive dependency of pyannote-audio introduced the malicious Lightning package…
Axios NPM Package Breached in North Korean Supply Chain Attack Affecting Millions
Backdoored versions of the Axios JavaScript library, downloaded by roughly 3% of its 100M weekly userbase, deployed cross-platform RATs via…