Most popular NPM packets kidnapped to spread malware




  • An NPM packages has been the victim of a phishing attack
  • The attackers accessed the packages and updated them to carry malware
  • Most antivirus programs are not yet marking the malicious DLL

Several Popular NPM packages with millions of weekly downloads were attacked, and one used as a launch platform for malware implementation, when its maintainer fell prey to a phishing attack.

Jounqin is a software developer that keeps Eslint-Config-Prettier, Eslint-Plugin-Prettier, Syckit, @Pkgr/Core and Napi-Poststalll.

Leave a Comment

Your email address will not be published. Required fields are marked *