The Hacker News

Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

Malicious npm package '@openclaw-ai/openclawai' downloaded 178 times installs GhostLoader RAT, stealing credentials and crypto wallets.
Cybernews

Malicious NPM package racks up 50,000 infections in days, developers fully compromised

A malicious NPM package, ambar-src, mimicking a popular JavaScript framework, was downloaded nearly 50,000 times in a few ...
Yahoo

North Korean hackers are using malicious npm packages to target developers

Add Yahoo as a preferred source to see more of our stories on Google. North Korean state-sponsored threat actors were observed pushing malicious packages into the npm registry, in an attempt to ...
TheStreet.com

How to stay safe if you’re using MetaMask, Phantom, Trust or any crypto wallet from NPM attack

A new cyberattack has put millions of crypto users on alert after hackers slipped malicious code into NPM, the software registry that powers thousands of apps and websites, including many tied to ...
Bleeping Computer

Malicious Rspack, Vant packages published using stolen NPM tokens

Three popular npm packages, @rspack/core, @rspack/cli, and Vant, were compromised through stolen npm account tokens, allowing threat actors to publish malicious versions that installed cryptominers.