North Korean Hackers Targeting Developers with Malicious npm Packages
A set of fake npm packages discovered on the Node.js repository has been found to share ties with North Korean state-sponsored actors, new findings from Phylum show.
The packages are named execution-time-async, data-time-utils, login-time-utils, mongodb-connection-utils, and mongodb-execution-utils.
One of the packages in question, execution-time-async, masquerades as its legitimate
2024-02-26 12:27:00
Ultralytics AI Library Compromised: Cryptocurrency Miner Found in PyPI Versions
Ultralytics AI Library Compromised: Cryptocurrency Miner Found in PyPI Versions In yet another software supply chain attack, it has come to light that two versions of a popular Python artificial intelligence (AI) library named ultralytics Read more…
0 Comments