New Supply Chain Malware Operation Hits npm and PyPI Ecosystems, Targeting Millions Globally,
Cybersecurity researchers have flagged a supply chain attack targeting over a dozen packages associated with GlueStack to deliver malware.
The malware, introduced via a change to « lib/commonjs/index.js, » allows an attacker to run shell commands, take screenshots, and upload files to infected machines, Aikido Security told The Hacker News, stating these packages collectively account for nearly 1
The malware, introduced via a change to « lib/commonjs/index.js, » allows an attacker to run shell commands, take screenshots, and upload files to infected machines, Aikido Security told The Hacker News, stating these packages collectively account for nearly 1
,
Cybersecurity researchers have flagged a supply chain attack targeting over a dozen packages associated with GlueStack to deliver malware.
The malware, introduced via a change to « lib/commonjs/index.js, » allows an attacker to run shell commands, take screenshots, and upload files to infected machines, Aikido Security told The Hacker News, stating these packages collectively account for nearly 1
The malware, introduced via a change to « lib/commonjs/index.js, » allows an attacker to run shell commands, take screenshots, and upload files to infected machines, Aikido Security told The Hacker News, stating these packages collectively account for nearly 1
, ,
https://thehackernews.com/2025/06/new-supply-chain-malware-operation-hits.html