Skip to main content
← All Articles

Tag

#npm

52 articles

Advertisement

Malicious npm Packages Impersonate PostCSS to Deliver Windows RAT
HIGH
Supply Chain

Malicious npm Packages Impersonate PostCSS to Deliver Windows RAT

Security researchers uncover malicious npm packages such as postcss-minify-selector-parser delivering Windows RATs via supply chain attacks. Audit your builds.

Runtime Rebel Intel
3 min read·Jun 23, 2026
SU
CRITICAL
Supply Chain

North Korean Sapphire Sleet Compromises 140+ Mastra AI npm Packages

Microsoft attributes the Mastra AI supply chain attack to Sapphire Sleet (BlueNoroff), involving 140+ malicious npm packages targeting AI developers.

Runtime Rebel Intel
3 min read·Jun 20, 2026
NastyC2 npm Packages, AI Abuse & macOS Threats Identified
HIGH
Threat Intel

NastyC2 npm Packages, AI Abuse & macOS Threats Identified

Analysis of NastyC2 npm supply chain attacks, Claude chat abuse for malware, memory-resident macOS threats, and device-code phishing.

Runtime Rebel Intel
4 min read·Jun 18, 2026
SU
INFO
Supply Chain

npm 12 Security: Default Script Execution Changes to Mitigate Supply Chain Attacks

npm 12 introduces a critical change: 'npm install' will no longer run dependency scripts by default, significantly reducing software supply chain risks.

Runtime Rebel Intel
4 min read·Jun 13, 2026
GitHub to Disable npm Install Scripts by Default in Version 12
MEDIUM
Supply Chain

GitHub to Disable npm Install Scripts by Default in Version 12

GitHub announces breaking changes for npm v12, disabling install scripts by default to prevent malicious code execution and enhance supply chain security.

Runtime Rebel Intel
4 min read·Jun 11, 2026
npm Supply Chain Attack: IronWorm and Miasma Malware Analysis
HIGH
Supply Chain

npm Supply Chain Attack: IronWorm and Miasma Malware Analysis

Threat actors target npm developers with the IronWorm info stealer and Miasma worm, utilizing eBPF rootkits to exfiltrate secrets and ensure persistence.

Runtime Rebel Intel
3 min read·Jun 5, 2026
IronWorm: Rust-Written Malware Hits npm Supply Chain Developers
HIGH
Supply Chain

IronWorm: Rust-Written Malware Hits npm Supply Chain Developers

Analysis of the Rust-written IronWorm malware targeting npm supply chain developers. Learn how it steals credentials and propagates, and discover essential mitigation

Runtime Rebel Intel
5 min read·Jun 5, 2026
SU
HIGH
Supply Chain

IronWorm Malware: 36 npm Packages Identified in Supply Chain Attack

Security researchers discover a campaign delivering IronWorm infostealer malware via 36 malicious npm packages using preinstall script execution hooks.

Runtime Rebel Intel
3 min read·Jun 4, 2026
SU
CRITICAL
Supply Chain

Red Hat npm Supply Chain Compromise: Miasma Steals Dev Credentials

Over 30 Red Hat npm packages under @redhat-cloud-services were compromised in a supply chain attack distributing Miasma malware to steal developer credentials.

Runtime Rebel Intel
5 min read·Jun 2, 2026
Miasma Supply Chain Attack: Defending Red Hat npm Environments
CRITICAL
Supply Chain

Miasma Supply Chain Attack: Defending Red Hat npm Environments

Analysis of the Miasma supply chain attack targeting Red Hat npm packages with credential-stealing worms. Technical details and mitigation guide for SOC teams.

Runtime Rebel Intel
3 min read·Jun 1, 2026
Malicious npm Package Targets Claude AI User Data — Technical Analysis
HIGH
Supply Chain

Malicious npm Package Targets Claude AI User Data — Technical Analysis

Researchers discover mouse5212-super-formatter, a malicious npm package designed to exfiltrate sensitive files from Claude AI user directories.

Runtime Rebel Intel
3 min read·May 27, 2026
Shai-Hulud Campaign: TeamPCP Targets Open-Source Supply Chain
HIGH
Supply Chain

Shai-Hulud Campaign: TeamPCP Targets Open-Source Supply Chain

Analysis of the Shai-Hulud campaign by TeamPCP, detailing their open-source supply chain attacks, TTPs, and critical mitigation strategies.

Runtime Rebel Intel
5 min read·May 26, 2026