Explore ReversingLabs Software Supply Chain Security's New Secrets Capabilities
LEARN MORE
Forrester Report: The Software Composition Analysis Landscape, Q1 2023 
LEARN MORE
eBook: Why Traditional App Sec Testing Fails on Supply Chain Security
READ NOW

npm security

Open-source repository malware sows Havoc
February 9, 2023

Open-source repository malware sows Havoc

Aabquerys is a malicious npm package discovered typosquatting on a legitimate npm module that downloads malicious components, ReversingLabs discovered.
Read More
Threat analysis: Malicious npm package mimics Material Tailwind CSS tool
September 23, 2022

Threat analysis: Malicious npm package mimics Material Tailwind CSS tool

ReversingLabs has discovered a malicious npm package disguised as the software tool Material Tailwind. Here's an in-depth look at our discovery — and threat analysis. (Updated with MachO executable information.)
Read More
OpenSSF's npm best practices: A solid first step for supply chain security — but trust issues remain
September 14, 2022

OpenSSF's npm best practices: A solid first step for supply chain security — but trust issues remain

Here's what you need to know about the new OpenSSF npm security best practices.
Read More

SUBSCRIBE

Get the best of the ReversingLabs Blog delivered to your in-box weekly.