The Hacker News

New Supply Chain Malware Operation Hits npm and PyPI Ecosystems, Targeting Millions Globally

Cybersecurity researchers have flagged a supply chain attack targeting over a dozen packages associated with GlueStack to deliver malware. The malware, introduced via a change to "lib/commonjs/index.js," allows an attacker to run shell commands, take screenshots, and upload files to infected machines, Aikido Security told The Hacker News, stating these packages collectively account for nearly 1

Jun 8, 2025 - 15:08
 0
New Supply Chain Malware Operation Hits npm and PyPI Ecosystems, Targeting Millions Globally
Cybersecurity researchers have flagged a supply chain attack targeting over a dozen packages associated with GlueStack to deliver malware. The malware, introduced via a change to "lib/commonjs/index.js," allows an attacker to run shell commands, take screenshots, and upload files to infected machines, Aikido Security told The Hacker News, stating these packages collectively account for nearly 1
Read More

Tags:

Previous Article

I hope Apple does more than just redesign iOS 18 at WWDC 2025 – here's why

Next Article

Malicious Browser Extensions Infect Over 700 Users Across Latin America Since Ea...

Related Posts

PureRAT Malware Spikes 4x in 2025, Deploying PureLogs to Target Russian Firms

PureRAT Malware Spikes 4x in 2025, Deploying PureLogs t...

May 21, 2025  0

Meta to Train AI on E.U. User Data From May 27 Without Consent; Noyb Threatens Lawsuit

Meta to Train AI on E.U. User Data From May 27 Without ...

May 15, 2025  0

Noyb Threatens Meta with Lawsuit for Violating GDPR to Train AI on E.U. User Data From May 27

Noyb Threatens Meta with Lawsuit for Violating GDPR to ...

May 23, 2025  0