Piece of news of the day
ADVANCED SECURITY EUROPA EOOD
Unveiling the Stealthy Threat: Malicious npm Packages Planting Seeds of Destruction
24 April 2026
The article discusses malicious npm packages distributing malware to steal credentials and spread across developer ecosystems.
The malware, found in packages like @automagik/genie and pgserve, executes during installation to harvest sensitive data and republish compromised packages.
It targets cloud credentials, CI/CD tokens, browser-stored data, and cryptocurrency wallets.
The malware can spread by extracting npm tokens, injecting code into accessible packages, and even propagating through PyPI using .pth file injection.
Researchers noted similarities with previous campaigns and suspect legitimate projects may have been hijacked.
The situation is ongoing with new malicious versions emerging, and the full extent of the attack is still being determined.
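A defensive check for the .pth vector mentioned above, as an added example that is not taken from the article or the researchers' tooling: Python's site module executes any .pth line that begins with "import" followed by a space or tab, so the script lists those lines for review. The function names and the sample files are constructed for illustration.

```python
import os
import tempfile

def executable_pth_lines(pth_text):
    """Return (line_number, line) for every line site.py would exec()."""
    hits = []
    for n, line in enumerate(pth_text.splitlines(), start=1):
        # site.py executes lines beginning with "import" plus space or tab;
        # other non-comment lines are only treated as sys.path entries.
        if line.startswith(("import ", "import\t")):
            hits.append((n, line.rstrip()))
    return hits

def audit_site_dir(site_dir):
    """Map each .pth file in site_dir to its executable lines, if any."""
    findings = {}
    for name in sorted(os.listdir(site_dir)):
        if not name.endswith(".pth"):
            continue
        path = os.path.join(site_dir, name)
        with open(path, encoding="utf-8", errors="replace") as fh:
            hits = executable_pth_lines(fh.read())
        if hits:
            findings[name] = hits
    return findings

def demo():
    """Constructed sample: a path-only .pth and one carrying an import line."""
    with tempfile.TemporaryDirectory() as d:
        with open(os.path.join(d, "benign.pth"), "w") as fh:
            fh.write("# extra search path\n./vendored\n")
        with open(os.path.join(d, "hooked.pth"), "w") as fh:
            fh.write("./lib\nimport os; os.environ.setdefault('DEMO_PTH', '1')\n")
        return audit_site_dir(d)

if __name__ == "__main__":
    import site
    import sys
    # Audit the directories given on the command line, else this interpreter's.
    dirs = sys.argv[1:] or site.getsitepackages() + [site.getusersitepackages()]
    for d in dirs:
        if os.path.isdir(d):
            for name, hits in audit_site_dir(d).items():
                for n, line in hits:
                    print(f"{os.path.join(d, name)}:{n}: {line[:120]}")
```

Some legitimate packages also ship .pth files with import lines, so each hit is a lead to review against the package that installed the file, not a verdict.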

