How 56 npm packages used binding.gyp to steal secrets
The attack is notable for its breadth, flooding npm with malicious package versions.
RL Research Team
-300x361.png&w=640&q=75){kind=logo}
Posts from RL Research Team
How 56 npm packages used binding.gyp to steal secrets
31 Red Hat npm packages backdoored in 72 seconds
RL has discovered a new supply chain attack affecting 9.8M total downloads across Red Hat's Hybrid Cloud Console JavaScript ecosystem.