Navigation
Recherche
|
Hackers Hijack npm Packages With 2 Billion Weekly Downloads in Supply Chain Attack
lundi 8 septembre 2025, 21:25 , par Slashdot
![]() The package maintainer whose accounts were hijacked in this supply-chain attack confirmed the incident earlier today, stating that he was aware of the compromise and adding that the phishing email came from support [at] npmjs [dot] help, a domain that hosts a website impersonating the legitimate npmjs.com domain. In the emails, the attackers threatened that the targeted maintainers' accounts would be locked on September 10th, 2025, as a scare tactic to get them to click on the link redirecting them to the phishing sites. Read more of this story at Slashdot.
https://it.slashdot.org/story/25/09/08/1843235/hackers-hijack-npm-packages-with-2-billion-weekly-dow...
Voir aussi |
56 sources (32 en français)
Date Actuelle
mar. 9 sept. - 14:06 CEST
|