Organization

npm

3 stories · sorted newest first · 📡 RSS

NPM Ecosystem Hit by Supply Chain Attack, TeamPCP Uses Malicious Worm Toolchain

NPM Ecosystem Hit by Supply Chain Attack, TeamPCP Uses Malicious Worm Toolchain

A devastating attack compromised 42 packages from the @tanstack namespace and spread to dozens of other maintainers. The worm prod

Jun 25, 2026 · preview
Miasma Worm Compromises Microsoft GitHub Repositories: Potential Threat to AI Coding Tools

Miasma Worm Compromises Microsoft GitHub Repositories: Potential Threat to AI Coding Tools

A sophisticated supply chain attack on June 5, 2026, compromised 73 Microsoft GitHub repositories using the Miasma worm. The attac

Jun 25, 2026 · preview
Malicious npm Package Discovered: PostCSS-Minify-Selector-Parser Delivers Windows RAT

Malicious npm Package Discovered: PostCSS-Minify-Selector-Parser Delivers Windows RAT

A fake PostCSS tool, postcss-minify-selector-parser, was found to deliver a multi-stage Windows remote access trojan (RAT) to deve

Jun 24, 2026 · preview