Topic: malicious updates

Sort by: Relevance | Date
  • NPM Supply-Chain Attack Thwarted: Hackers Foiled
    September 12, 2025
    88%

    NPM Supply-Chain Attack Thwarted: Hackers Foiled

    A massive supply-chain attack on the NPM ecosystem was quickly neutralized, preventing a catastrophic security incident despite malicious updates reaching 10% of cloud environments. The attack began with a phishing compromise of a maintainer account, allowing tainted updates to widely used packag...

    Read More »
  • Notepad++ Updates Channel After Security Breach
    February 20, 2026
    85%

    Notepad++ Updates Channel After Security Breach

    Notepad++ has released a critical security update (version 8.9.2) to fix vulnerabilities in its update mechanism that were exploited to deliver malware, and users are urged to update immediately. The attack exploited unsigned update files and a lack of installer verification, allowing hackers to ...

    Read More »

Related Topics

supply chain compromise (2) security research (1) cryptocurrency theft (1) user recommendations (1) phishing attack (1) github repository (1) vulnerability exploitation (1) npm packages (1)