In The News

October 7, 2022

The CyberWire: An unidentified threat actor deploys malicious NPM packets

ReversingLabs researchers outline the placement of a malicious NPM package in a widely used components library
September 23, 2022

The Hacker News: Malicious NPM Package Caught Mimicking Material Tailwind CSS Package

A malicious NPM package has been found masquerading as the legitimate software library for Material Tailwind.
September 23, 2022

Dark Reading: Malicious npm Package Poses as Tailwind Tool

ReversingLabs researchers detected the malicious behavior because the purported library modification contained code obfuscated with JavaScript Obfuscator
July 14, 2022

Risky Biz News: Malicious npm libraries

ReversingLabs said it found 31 npm libraries that contained obfuscated JavaScript code that would steal web form data
July 14, 2022

The Register: Typo-squatting NPM software supply chain attack uncovered

Researchers at ReversingLabs have uncovered evidence of a widespread software supply chain attack through malicious JavaScript packages picked up via NPM