Critical Supply Chain Attack Targets Popular npm Packages with Crypto Mining Malware
A significant supply chain security breach has been uncovered by cybersecurity researchers at Sonatype and Socket, affecting three widely-used npm packages: @rspack/core, @rspack/cli, and Vant. The attack, executed through compromised npm tokens, resulted in the injection of malicious code designed to mine Monero cryptocurrency on affected systems. Impact Assessment and Package Details The compromised packages … Read more