New ‘IndonesianFoods’ worm floods npm with 100,000 packages

A self-spreading package published on npm spams the registry by spawning new packages every every seven seconds, creating ...

Anthropic: China-Based Hackers Used Claude to Automate Global Cyberattack

Chinese state-backed hackers hijacked Anthropic’s Claude AI to run an autonomous global cyberattack, marking a major shift in ...

New ‘IndonesianFoods’ spammer floods npm with 150,000 packages

An auto-spamming paylload published on npm spams the registry by spawning new packages every seven seconds, creating large ...
InfoWorld

Malicious npm package sneaks into GitHub Actions builds

The typosquatted “@acitons/artifact” package targeted GitHub’s CI/CD workflows, stealing tokens and publishing malicious ...