News

SecurityWeek21h
React Native Aria Packages Backdoored in Supply Chain Attack
A threat actor published backdoored versions of 17 NPM packages from GlueStack in a fresh supply chain attack.
The Hacker News19h
New Supply Chain Malware Operation Hits npm and PyPI Ecosystems, Targeting Millions Globally
Supply chain attack infects 16 GlueStack npm packages used by 1M weekly users, enabling malware that steals data and controls ...
Popular NPM packages with over a million downloads hit by malware
NPM packages with more than a million weekly downloads were compromised to deliver a RAT The attack could turn into a major ...