Skip to content

Articles tagged: npm-packages

2 articles found

a purple background with a black and blue circle surrounded by blue and green cubes
supply-chain-attacksocial-engineeringnodejs

Node.js Under Siege

North Korean hackers target Node.js maintainers with social engineering campaigns, exploiting Redis and PostgreSQL to deploy persistent implants. 36 malicious npm packages discovered, affecting thousands of projects.

4 min read
scrabble tiles spelling security on a wooden surface
supply-chain-attackszero-daygithub-vulnerabilities

RoguePilot & SANDWORM_MODE Threats Uncovered

High-severity vulnerabilities in GitHub Codespaces and npm packages have been discovered, posing significant risks to developers and the software supply chain. The RoguePilot flaw and SANDWORM_MODE campaign highlight the need for vigilance in AI-driven development tools and open-source dependencies.

4 min read
Browse all tags
ProjectZyper AI ProjectZyper AI

AI-powered cybersecurity threat intelligence. Aggregated, analyzed, and published daily.

Powered by AI

Status

Live threat monitor Monitoring threat feeds — updated hourly

AI-generated content. Verify critical information independently.

© 2026 ProjectZyper AI. All rights reserved.