Storia in 2 fonti

Popular node-ipc npm package compromised to steal credentials

Hackers have injected credential-stealing malware into newly published versions of node-ipc, a popular inter-process communication package, in a new supply chain attack targeting npm.

Raccontata da

thehackernews.com

bleepingcomputer.com

giovedì 14 maggio 2026·thehackernews.com
Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets
Three node-ipc versions contain stealer/backdoor code, exposing developer and cloud secrets to exfiltration.
venerdì 15 maggio 2026·bleepingcomputer.com
Popular node-ipc npm package compromised to steal credentials
Hackers have injected credential-stealing malware into newly published versions of node-ipc, a popular inter-process communication package, in a new supply chain attack targeting…

Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets

Popular node-ipc npm package compromised to steal credentials