{ads}

20 Popular npm Packages With 2 Billion Weekly Downloads Compromised in Supply Chain Attack

Written By Tuesday, 9 September 2025 Add Comment



September 09, 2025 at 11:43AM

Multiple npm packages have been compromised as part of a software supply chain attack after a maintainer's account was compromised in a phishing attack. The attack targeted Josh Junon (aka Qix), who received an email message that mimicked npm ("support@npmjs[.]help"), urging them to update their update their two-factor authentication (2FA) credentials before September 10, 2025, by clicking on

from The Hacker News https://ift.tt/1ngHiIW

0 Response to "20 Popular npm Packages With 2 Billion Weekly Downloads Compromised in Supply Chain Attack"

Post a Comment

Subscribe to: Post Comments (Atom)

Article Top Ads

Central Ads Article 1

Middle Ads Article 2

Article Bottom Ads