Lucene search
K

4 matches found

Qualys Blog
Qualys Blog
added 2025/09/10 8:43 p.m.13 views

When Dependencies Turn Dangerous: Responding to the NPM Supply Chain Attack

On September 8, 2025, attackers compromised a set of 18 widely used npm packages —including chalk, debug, ansi-styles, and strip-ansi—collectively downloaded over 2.6 billion times per week. Through a targeted phishing campaign against a maintainer, the attackers published malicious versions...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/08 5:7 p.m.2 views

Malicious code in ansi-styles (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f82dc187071d265457effc48cb50c7ac209143e5da1a502a633a1c35b88aac67 Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score
Exploits0References3
OSV
OSV
added 2025/09/08 5:7 p.m.1 views

MAL-2025-46967 Malicious code in ansi-styles (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f82dc187071d265457effc48cb50c7ac209143e5da1a502a633a1c35b88aac67 Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score
Exploits0References3
HackRead
HackRead
added 2025/09/08 4:38 p.m.4 views

npm Packages With 2 Billion Weekly Downloads Hacked in Major Attack

Aikido Security flagged the largest npm attack ever recorded, with 18 packages like chalk, debug, and ansi-styles hacked…...

7.1AI score
Exploits0
Rows per page
Query Builder