malicious packages

Business

Malicious ‘IndonesianFoods’ Worm Floods npm With 100K Packages

November 15, 2025
NPM logo in white text on a red and black gradient background.

A self-propagating npm package called 'IndonesianFoods' has flooded the registry with over 100,000 junk packages, using random Indonesian names and…

Read More »
Business

Malicious NPM Packages Downloaded 86,000+ Times

October 30, 2025
Bright yellow caution tape with black lettering warning of danger.

A security vulnerability in the NPM ecosystem allowed attackers to upload over 100 malicious packages, downloaded more than 86,000 times,…

Read More »
Artificial Intelligence

AI-Generated Code Risks: A Threat to Software Supply Chains

April 29, 2025
A robot sits before multiple computer screens displaying complex data streams and graphs in shades of blue.

AI-generated code poses serious security risks by frequently referencing fake software libraries, opening the door for sophisticated supply chain attacks…

Read More »