COSMICBYTEZLABS

© 2026 CosmicBytez Labs. All rights reserved.

45 articles

#npm

All CosmicBytez Labs articles tagged #npm, across news, security advisories, how-to guides, and projects.

  • News | Jun 1, 2026

    Miasma Supply Chain Attack Compromises Red Hat npm Packages with Credential-Stealing Worm

    A new Mini Shai-Hulud supply chain campaign codenamed Miasma has compromised Red Hat's @redhat-cloud-services npm packages, deploying a self-propagating credential-stealing worm that targets developer machines and CI/CD secrets.

  • News | Jun 1, 2026

    OpenAI Codex Authentication Tokens Stolen via codexui-android npm Supply Chain Attack

    Cybersecurity researchers have uncovered a malicious npm package named codexui-android that targets developers using OpenAI Codex by masquerading as a legitimate remote web UI tool, silently exfiltrating authentication tokens to attacker-controlled servers via postinstall hooks.

  • News | May 26, 2026

    The Hackers Behind Shai-Hulud: Lucky or Skilled?

    TeamPCP's Shai-Hulud worm inflicted serious damage on the open source ecosystem — but a close look at their operations raises the question of whether their...

  • News | May 23, 2026

    Grafana Says Codebase and Other Data Stolen via TanStack

    Grafana confirmed attackers stole internal source code and data after a GitHub token compromised in the TanStack npm supply chain attack was never...

  • News | May 23, 2026

    npm Adds 2FA-Gated Publishing and Package Install Controls

    GitHub has rolled out new security controls for npm including staged publishing with 2FA approval requirements and package install policies, giving...

  • News | May 21, 2026

    GitHub Links Repo Breach to TanStack npm Supply-Chain Attack

    GitHub has confirmed that hackers who stole 3,800 internal repositories gained access through a malicious version of the Nx Console VS Code extension...

  • News | May 21, 2026

    Socket Raises $60 Million at $1 Billion Valuation

    Supply chain security startup Socket has raised $60 million in a new funding round, valuing the company at $1 billion. The capital will expand Socket's...

  • News | May 20, 2026

    GitHub Breached — Employee Device Hack Led to Exfiltration

    GitHub is investigating unauthorized access to thousands of internal repositories after an employee device was compromised through the TanStack npm supply...

  • News | May 20, 2026

    Grafana Breach Caused by Missed Token Rotation After

    Grafana Labs has revealed that its May 2026 source code breach was caused by a single GitHub workflow token that was inadvertently missed during the token...

  • News | May 19, 2026

    Mini Shai-Hulud Pushes Malicious AntV npm Packages via

    Cybersecurity researchers have discovered a fresh Mini Shai-Hulud supply chain attack compromising the @antv npm ecosystem through a hijacked maintainer...

  • News | May 18, 2026

    Developer Workstations Are Now Part of the Software Supply

    Supply chain attackers are no longer just targeting repositories and CI/CD pipelines — they're going after the developer workstations that hold the keys...

  • News | May 18, 2026

    Four Malicious npm Packages Deliver Infostealers and

    Researchers have uncovered four malicious npm packages embedding infostealer malware and a Phantom Bot DDoS payload — one of which is a direct clone of...

  • News | May 18, 2026

    Shai-Hulud Worm Clones Spread After Code Release

    The public release of the Shai-Hulud worm source code by TeamPCP has triggered a wave of copycat variants appearing across the npm ecosystem. Security...

  • News | May 15, 2026

    Popular node-ipc npm Package Compromised to Steal

    Hackers have injected credential-stealing malware into newly published versions of node-ipc, a popular inter-process communication npm package, in a new...

  • News | May 15, 2026

    TanStack Supply Chain Attack Hits Two OpenAI Employee

    OpenAI has disclosed that two corporate employee devices were compromised via the Mini Shai-Hulud supply chain attack on the TanStack npm ecosystem,...

  • News | May 15, 2026

    TeamPCP Ups the Game, Releases Shai-Hulud Worm's Source Code

    The hacking group TeamPCP has publicly released the source code for its Shai-Hulud supply chain worm, actively encouraging other threat actors to...

  • News | May 14, 2026

    OpenAI Asks macOS Users to Update After TanStack npm Supply

    OpenAI is urging macOS users to update their software following an expanding supply chain attack that compromised TanStack and additional npm and PyPI...

  • News | May 14, 2026

    OpenAI Confirms Security Breach in TanStack Supply Chain

    OpenAI confirmed that two employees' devices were compromised during the TanStack supply chain attack, which hit hundreds of npm and PyPI packages. The...

  • News | May 12, 2026

    Mini Shai-Hulud Worm Compromises TanStack, Mistral AI

    TeamPCP has expanded its supply chain attack campaign with a fresh Mini Shai-Hulud worm that compromised npm and PyPI packages from TanStack, UiPath,...

  • News | May 12, 2026

    Worm Redux: Fresh Mini Shai-Hulud Infections Bite npm

    Hundreds of npm packages in the TanStack open source ecosystem have been infected by a fresh wave of Mini Shai-Hulud worm activity from TeamPCP — the same...

  • News | May 1, 2026

    1,800 Hit in Mini Shai-Hulud Attack on SAP, Lightning, and

    The TeamPCP threat group's Mini Shai-Hulud supply chain campaign compromised SAP-related npm packages along with PyTorch Lightning and Intercom client...

  • News | Apr 30, 2026

    TeamPCP Hits SAP npm Packages With 'Mini Shai-Hulud' Supply

    The threat actor TeamPCP has compromised multiple npm packages tied to SAP's cloud application development ecosystem in a new supply chain campaign dubbed...

  • News | Apr 29, 2026

    SAP-Related npm Packages Compromised in Credential-Stealing

    Security researchers have uncovered a coordinated supply chain attack campaign dubbed 'mini Shai-H' targeting SAP-related npm packages, injecting...

  • News | Apr 26, 2026

    Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain

    The popular Bitwarden CLI password manager package @bitwarden/cli@2026.4.0 was compromised as part of an ongoing Checkmarx supply chain campaign, with...

  • Security | Apr 25, 2026

    CVE-2026-6951: simple-git RCE via --config Option Bypass

    A critical remote code execution vulnerability in the simple-git npm package allows attackers to inject arbitrary git config options via the --config...

  • News | Apr 22, 2026

    New npm Supply Chain Attack Self-Spreads to Steal Developer

    A newly discovered supply chain attack targeting the npm ecosystem steals developer authentication tokens and uses compromised accounts to publish...

  • News | Apr 20, 2026

    Why the Axios Attack Proves AI Is Mandatory for Supply

    The North Korean supply chain attack on Axios — a JavaScript library with 100 million weekly downloads — highlights why human-scale monitoring can no...

  • News | Apr 18, 2026

    Critical Flaw in protobuf.js Library Enables JavaScript

    A critical remote code execution vulnerability in protobuf.js, the widely used JavaScript implementation of Google's Protocol Buffers, has been disclosed...

  • Security | Apr 8, 2026

    CVE-2026-39397: PayloadCMS Puck Plugin Access Control Bypass

    A critical access control bypass (CVSS 9.4) in the @delmaredigital/payload-puck PayloadCMS plugin exposes all /api/puck/* CRUD endpoints without...

  • News | Apr 5, 2026

    36 Malicious npm Packages Exploited Redis, PostgreSQL to

    Cybersecurity researchers discovered 36 malicious npm packages disguised as Strapi CMS plugins that abused Redis and PostgreSQL connections to harvest...

  • News | Apr 4, 2026

    Axios npm Hack Used Fake Teams Error Fix to Hijack

    The Axios HTTP client post-mortem reveals North Korean threat actors used a ClickFix-style fake Microsoft Teams error message to socially engineer a...

  • News | Apr 4, 2026

    UNC1069 Social Engineering of Axios Maintainer Led to npm

    The North Korean threat actor UNC1069 used a sophisticated, targeted social engineering campaign against the Axios npm package maintainer Jason Saayman to...

  • News | Apr 3, 2026

    Claude Source Code Leak Highlights Big Supply Chain Missteps

    The accidental exposure of Anthropic's Claude Code source code via an npm packaging error is the latest reminder that software supply chains need...

  • News | Apr 1, 2026

    Axios NPM Package Breached in North Korean Supply Chain

    A long-lived NPM access token was used to bypass the GitHub Actions OIDC-based CI/CD publishing workflow and push backdoored versions of the widely used...

  • News | Apr 1, 2026

    Claude Code Source Leaked via npm Packaging Error

    Anthropic confirmed that internal source code for its Claude Code AI coding assistant was accidentally published to npm due to a human packaging error. No...

  • News | Apr 1, 2026

    Google Attributes Axios npm Supply Chain Attack to North

    Google's Threat Intelligence Group has formally attributed the supply chain compromise of the popular Axios npm package to UNC1069, a financially...

  • News | Mar 31, 2026

    Attack on Axios Developer Tool Threatens Widespread

    Security researchers at multiple firms are sounding alarms over a supply chain attack against Axios, an npm package with 100 million weekly downloads....

  • News | Mar 31, 2026

    Axios Supply Chain Attack Pushes Cross-Platform RAT via

    Two newly published versions of the widely used Axios HTTP client library — v1.14.1 and v0.30.4 — were found to contain a malicious fake dependency that...

  • News | Mar 31, 2026

    Claude Code Source Code Accidentally Leaked in NPM Package

    Anthropic accidentally published the source code for Claude Code — its normally closed-source AI coding assistant — inside an npm package. The company...

  • Newsletter | Mar 31, 2026

    Mar 31 Digest: Axios npm RAT, Claude Code Source Leaked

    The Axios npm library was weaponized to deliver a cross-platform RAT; Anthropic accidentally leaked Claude Code's CLI source in an npm package; Google...

  • Security | Mar 23, 2026

    CVE-2026-4599: jsrsasign Private Key Recovery via DSA Nonce

    A critical flaw in jsrsasign versions 7.0.0 through 11.1.0 allows attackers to recover DSA private keys by exploiting biased nonce generation in the...

  • News | Mar 22, 2026

    CanisterWorm: First Blockchain-Powered Self-Spreading Worm

    A novel self-propagating malware dubbed CanisterWorm uses Internet Computer Protocol smart contracts as an untakedownable C2 channel, spreading...

  • News | Mar 11, 2026

    UNC6426 Weaponizes Old nx npm Supply Chain Compromise to

    Threat actor UNC6426 leveraged stolen credentials from last year's nx npm supply chain attack to achieve full AWS administrator access at a victim...

  • News | Feb 12, 2026

    Lazarus Group Plants 192 Malicious Packages in npm and PyPI

    North Korea's Lazarus Group is running a fake recruitment campaign codenamed Graphalgo, planting 192 malicious packages on npm and PyPI that target...

  • News | Jan 18, 2026

    Supply Chain Attack Discovered in Popular NPM Packages

    Security researchers have discovered malicious code injected into several popular NPM packages with millions of weekly downloads. Developers urged to...