MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
npm
Search

Nx NPM packages poisoned in AI-assisted supply chain attack

Wednesday August 27, 2025. 07:34 PM , from TheRegister
Stolen dev credentials posted to GitHub as attackers abuse CLI tools for recon
Nx is the latest target of a software supply chain attack in the NPM ecosystem, with multiple malicious versions being uploaded to the NPM registry on Tuesday evening.…
Read more at TheRegister
https://go.theregister.com/feed/www.theregister.com/2025/08/27/nx_npm_supply_chain_attack/

Related News

npm The Duty-Free Loophole Is Closing. What That Means for You—and Your Packages Wired: Tech.Aug 28
attack Wave of npm supply chain attacks exposes thousands of enterprise developer credentials InfoWorldAug 28
supply Google issued ‘State-backed attack in progress’ warnings after spotting web hijack scheme TheRegisterAug 27
chain "Always fight back": Canadian man punches cougar in face to escape attack BoingBoingAug 27
ai-assisted ZipLine attack uses 'Contact Us' forms, White House butler pic to invade sensitive industries TheRegisterAug 26
poisoned How does AI affect cloud attack vectors? InfoWorldAug 26
packages Farmers Insurance Data Breach Impacts 1.1 Million People After Salesforce Attack SlashdotAug 26
npm Survey Finds More Python Developers Like PostgreSQL, AI Coding Agents - and Rust for Packages SlashdotAug 25
attack Arch Linux Faces 'Ongoing' DDoS Attack SlashdotAug 23
supply Arch Linux takes a pounding as DDoS attack enters week two TheRegisterAug 22
chain People who get shingles within a year of Covid have doubled reinfection risk and 67 % higher heart attack odds BoingBoingAug 21
ai-assisted Employee distraction is a bigger risk than attack sophistication BetaNewsAug 21
poisoned Oregon Man Accused of Operating One of Most Powerful Attack 'Botnets' Ever Seen SlashdotAug 21
packages Telco giant Colt suffers attack, takes systems offline TheRegisterAug 15
npm Microsoft is Trying To Poach Meta AI Talent and Offering Multimillion-Dollar Pay Packages SlashdotAug 12
attack Poisoned telemetry can turn AIOps into AI Oops, researchers show TheRegisterAug 12
supply UK retail giant M&S restores Click & Collect months after cyber attack, some services still down TheRegisterAug 11
chain Rust's Annual Tech Report: Trusted Publishing for Packages and a C++/Rust Interop Strategy SlashdotAug 10
ai-assisted Salesforce attack exposed Google Ads customer data BetaNewsAug 10
poisoned Dead Kennedys logo creator Winston Smith recovering from heart attack, please help BoingBoingAug 8
News copyright owned by their original publishers | Copyright © 2004 - 2025 Zicos / 440Network
Current Date
Aug, Sat 30 - 05:43 CEST