Topic: open-source security challenges

Malware Discovered in Popular NPM Packages with 1M+ Weekly Downloads

A widespread supply chain attack compromised 17 popular NPM packages, injecting malicious code that acts as a remote access trojan, with over one million weekly downloads affected. The malicious payload, hidden in obfuscated code, can execute arbitrary commands, manipulate files, and hijack Windo...