How Threat Actors Are Using npm to Launch Attacks - Help Net Security

How Threat Actors Are Using Npm To Launch Attacks - New York Tech Media

Threat actors registered the typosquatted domain npmjs.help on September 5, just three days before launching their campaign, and used it to impersonate legitimate npm administrative communications.

npm supply chain attack exposed billions of downloads to risk. Learn how malicious packages spread and how to prevent threats with Cortex Cloud.

NPM Security: Preventing Supply Chain Attacks | Snyk

Executive summary: On September 8, 2025, the JavaScript ecosystem experienced its most devastating supply chain attack to date when threat actors compromised the npm account of Josh Junon (known as "Qix-"), a prolific open source maintainer responsible for some of the most fundamental packages in modern web development.

A sophisticated supply chain attack has compromised several widely used npm packages, including eslint-config-prettier and eslint-plugin-prettier, after threat actors successfully stole maintainer authentication tokens through a targeted phishing campaign.

Discover how 18 npm packages were compromised in a major supply chain attack. Learn what happened, who’s affected, and how to protect your software supply chain.

Threat actors have leveraged a phishing campaign targeting npm package maintainers, resulting in the compromise of widely used JavaScript tooling libraries.


The npm registry, a critical platform for managing open source JavaScript code libraries, has become a favored target. Attackers exploit the widespread practice of reusing packages by injecting malware into lesser-maintained dependencies that are still actively used across thousands of applications.

The npm supply chain attack put billions of downloads at risk. Discover how it happened, what was compromised, and how to stay secure.

In this post, we explain how npm is used in the enterprise and highlight how threat actors can readily exploit npm to attack businesses that have yet to set up the appropriate safeguards and controls for this vector.

We put together this page to give an overview of the most common attacks npm faces, a high-level description of how we mitigate those attacks, and links to more information.

Cyber Briefing: 2025-09-09
