Skip to main content
← All Articles

Tag

#npm

52 articles

Advertisement

TrapDoor Campaign: Detecting Cross-Ecosystem Supply Chain Attacks
HIGH
Supply Chain

TrapDoor Campaign: Detecting Cross-Ecosystem Supply Chain Attacks

The TrapDoor campaign targets npm, PyPI, and Crates.io with over 384 malicious versions designed to exfiltrate developer credentials and sensitive data.

Runtime Rebel Intel
4 min read·May 25, 2026
npm Staged Publishing: New 2FA Controls Prevent Supply Chain Attacks
MEDIUM
Supply Chain

npm Staged Publishing: New 2FA Controls Prevent Supply Chain Attacks

GitHub introduces staged publishing for npm, requiring manual 2FA approval for package releases to mitigate malicious automated updates and account takeovers.

Runtime Rebel Intel
3 min read·May 23, 2026
MA
HIGH
Malware

Analysis of Cross-Platform NPM Stealer Using Discord Webhooks

Technical teardown of an obfuscated Node.js infostealer targeting Discord tokens, crypto wallets, and browser credentials via cross-platform scripts.

Runtime Rebel Intel
3 min read·May 22, 2026
SU
HIGH
Supply Chain

GitHub Repository Breach Linked to TanStack Supply Chain Attack

GitHub confirms the breach of 3,800 internal repositories via a compromised VS Code extension linked to the TanStack npm supply chain attack.

Runtime Rebel Intel
4 min read·May 21, 2026
DA
HIGH
Data Breach

Grafana Breach After TanStack Attack: Token Rotation Failure

Grafana suffered a data breach due to a GitHub workflow token not rotated after the TanStack npm supply-chain attack, impacting user data. Learn the details.

Runtime Rebel Intel
4 min read·May 20, 2026
SU
HIGH
Supply Chain

320+ @antv NPM Packages Compromised in Mini Shai-Hulud Attack

A maintainer account compromise has led to a major supply chain attack against Alibaba’s @antv NPM namespace, impacting over 320 visualization packages.

Runtime Rebel Intel
3 min read·May 20, 2026
SU
HIGH
Supply Chain

TeamPCP Jenkins Plugin Compromise and Mini Shai-Hulud Worm Analysis

TeamPCP escalates its supply chain campaign with a confirmed Jenkins plugin compromise and a self-spreading worm targeting the npm and PyPI ecosystems.

Runtime Rebel Intel
3 min read·May 18, 2026
SU
HIGH
Supply Chain

Shai-Hulud Infostealer Surfaces in Malicious npm Package Campaign

Leaked Shai-Hulud malware is targeting Node.js developers via malicious npm packages, exfiltrating sensitive data and credentials to Telegram-based C2.

Runtime Rebel Intel
4 min read·May 18, 2026
Microsoft Exchange Zero-Day and npm Supply Chain Worm Under Active Use
CRITICAL
Threat Intel

Microsoft Exchange Zero-Day and npm Supply Chain Worm Under Active Use

Critical security briefing on the active exploitation of an Exchange Server zero-day, npm supply chain worms, and Cisco network control vulnerabilities.

Runtime Rebel Intel
3 min read·May 18, 2026
Developer Workstations: The New Front in Software Supply Chain Attacks
HIGH
Supply Chain

Developer Workstations: The New Front in Software Supply Chain Attacks

A surge in attacks targeting npm, PyPI, and Docker Hub highlights a shift toward stealing developer credentials and API keys from workstations and CI/CD pipelines.

Runtime Rebel Intel
4 min read·May 18, 2026
SU
HIGH
Supply Chain

OpenAI Breach: TanStack Supply Chain Attack Impacts Employee Devices

OpenAI confirms two employee devices compromised in a TanStack supply chain attack affecting npm and PyPI packages, prompting certificate rotation.

Runtime Rebel Intel
5 min read·May 14, 2026
Malicious node-ipc Versions Compromise Developer Secrets via Supply Chain
HIGH
Supply Chain

Malicious node-ipc Versions Compromise Developer Secrets via Supply Chain

Three versions of the node-ipc npm package (9.1.6, 9.2.3, 12.0.1) contain stealer/backdoor functionality targeting developer secrets. Urgent update advised.

Runtime Rebel Intel
4 min read·May 14, 2026