<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1076912843267184&amp;ev=PageView&amp;noscript=1">
The Buyer’s Guide to Software Supply Chain Security
Download Now!
Revealing XZ: A Software Supply Chain Under Siege
Watch On Demand
Gartner® Report: Mitigate Enterprise Software Supply Chain Risks
Get the Insights
August 26, 2019

Malicious Package in NPM Repository Supported Theft of User Credentials

Malicious Package Was Stealing User Credentials on the NPM Repository

Detecting malware in package manager repositories

Read More: https://www.technadu.com/malicious-package-stealing-user-credentials-npm-repository/77482/

If you want to take a deeper look at our research, check our blog: https://blog.reversinglabs.com/blog/the-npm-package-that-walked-away-with-all-your-passwords

MORE NEWS

Static Binary Analysis: A Final Exam for Software Supply Chain Protection
News | April 22, 2024
Static Binary Analysis: A Final Exam for Software Supply Chain Protection
ReversingLabs’ Director of Product Management Charlie Jones explains how the attack surface within today’s software supply chains has grown exponentially.
Read More
Cybersecurity Insiders: Supply chain attacks demand a 3rd party risk re-think
News | August 14, 2023
Cybersecurity Insiders: Supply chain attacks demand a 3rd party risk re-think
Looked at from one angle, the recent attack on JumpCloud, a cloud-based identity and access management provider, was unsurprising.
Read More
Hack Read: VMCONNECT: Malicious PyPI Package Mimicking Common Python Tools
News | August 06, 2023
Hack Read: VMCONNECT: Malicious PyPI Package Mimicking Common Python Tools
Threat researchers at ReversingLabs, a software supply chain security and malware analysis platform, have discovered a malicious new PyPI package dubbed VMConnect on the Python Package Index (PyPI) repository.
Read More