Storia in 2 fonti

Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware

8 Packagist packages hid malicious package.json scripts, enabling Linux binary execution during installs and workflows.

Raccontata da

thehackernews.com

dev.to

Confronto fonti

2 prospettive sulla stessa storia

AI · summaries

thehackernews.comStai leggendo1 g fa

Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware

8 Packagist packages hid malicious package.json scripts, enabling Linux binary execution during installs and workflows.

originale

dev.to1 g fa

How `shieldcortex audit --deps` Catches the parikhpreyash4 Supply-Chain Attack

A 700-repo npm supply-chain campaign drops /tmp/.sshd and bolts a fake "Dependency Cache Sync" step into your GitHub Actions. Here's the one-liner that flags it before npm install ever runs.

Leggi questa versione → originale

Timeline cronologica

sabato 23 maggio 2026·thehackernews.com
Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware
8 Packagist packages hid malicious package.json scripts, enabling Linux binary execution during installs and workflows.
sabato 23 maggio 2026·dev.to
How `shieldcortex audit --deps` Catches the parikhpreyash4 Supply-Chain Attack
A 700-repo npm supply-chain campaign drops /tmp/.sshd and bolts a fake "Dependency Cache Sync" step into your GitHub Actions. Here's the one-liner that flags it before npm install…