The Hacker News

Npm Package Targeting GitHub-Owned Repositories Flagged as Red Team Exercise

Cybersecurity researchers have discovered a malicious npm package named "@acitons/artifact" that typosquats the legitimate " ...
SecurityWeek

Tens of Thousands of Malicious NPM Packages Distribute Self-Replicating Worm

A threat actor has published tens of thousands of malicious NPM packages that contain a self-replicating worm, security ...
The Hacker News

Over 67,000 Fake npm Packages Flood Registry in Worm-Like Spam Attack

The coordinated campaign has so far published as many as 46,484 packages, according to SourceCodeRED security researcher Paul ...
InfoWorld

Worm flooding npm registry with token stealers still isn’t under control

Goal is to steal Tea tokens by inflating package downloads, possibly for profit when the system can be monetized.
InfoWorld

Malicious npm package sneaks into GitHub Actions builds

The typosquatted “@acitons/artifact” package targeted GitHub’s CI/CD workflows, stealing tokens and publishing malicious ...
Infosecurity Magazine

“IndonesianFoods” npm Worm Publishes 44,000 Malicious Packages

“After GlassWorm showed how quickly a malicious package could self-replicate across npm, and the chalk/debug hijacking ...
GitHub

ramy-ahmed/ag-grid-angular

This project contains the Angular Component for use with ag-Grid Version 18.0.0 will be the last version in this repository. All future versions will be in the repository above.
GitHub

Releases: Sokmakara04/install-Angular

You can create a release to package software, along with release notes and links to binary files, for other people to use. Learn more about releases in our docs.