Technology ❯ Cybersecurity ❯ Software Security ❯ Supply Chain Attacks

npm Registry

Researchers Uncover 'PhantomRaven' Campaign Flooding npm With 126 Credential-Stealing Packages

Researchers say attackers exploited npm's remote dynamic dependencies to hide install-time payloads that steal developer credentials.