Fake npm Website Used to Push Malware via Stolen Token https://hackread.com/fake-npm-website-used-push-malware-via-stolen-token/ #Cybersecurity #CyberAttack #javascript #Security #Phishing #Malware #Scam #NPM
"Hours after we reported on the npm phishing campaign using the typosquatted npnjs.com site, we’re now seeing the first major fallout: popular npm packages, including eslint-config-prettier and eslint-plugin-prettier, were compromised" #eslint #npm #nodejs
https://socket.dev/blog/npm-phishing-campaign-leads-to-prettier-tooling-packages-compromise
Interactive terminal #UI built with #Ink framework for beautiful user experience
Global installation available via #npm
Custom instructions support through .grok/GROK.md file to tailor behavior to specific projects
#MIT licensed #opensource project welcoming contributions from developer community
Fake npm Website Used to Push Malware via Stolen Token – Source:hackread.com https://ciso2ciso.com/fake-npm-website-used-to-push-malware-via-stolen-token-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #cybersecurity #CyberAttack #javascript #Hackread #Phishing #security #malware #Scam #NPM
How to Install #Directus on #AlmaLinux #VPS
Here's a step-by-step guide detailing how to install Directus on AlmaLinux VPS.
What is Directus?
Directus is an open-source #headless #CMS and data platform that allows you to manage and interact with your database through a RESTful API or GraphQL API. It provides a modern, user-friendly admin interface for ...
Continued https://blog.radwebhosting.com/how-to-install-directus-on-almalinux-vps/?utm_source=mastodon&utm_medium=social&utm_campaign=mastodon.social #selfhosting #selfhosted #npm #installguide #vpsguide #postgresql #letsencrypt #cmsapps #nodejs
A fake npm website tricked a maintainer into giving up their token, letting attackers push malware into popular JS packages.
Details: https://hackread.com/fake-npm-website-used-push-malware-via-stolen-token/
#Decentralized #Module #Federation #Microfrontend #Architecture
I'm working on a #webapp and I'm being #creative on the #approach. It might be considered #overcomplicated (because it is), but I'm just trying something out. It's entirely possible this approach won't work #longterm. I see it as there is #onewaytofindout. I don't recommend this approach. Just sharing what I'm trying/#investigating.
How it will be #architected: [https://positive-intentions.com/blog/decentralised-architecture](https://positive-intentions.com/blog/decentralised-architecture)
Some #benefits of the #approach: [https://positive-intentions.com/blog/statics-as-a-chat-app-infrastructure](https://positive-intentions.com/blog/statics-as-a-chat-app-infrastructure)
I find #modulefederation and #microfrontends to generally be #discouraged when I see posts, but I think it works for me in my #approach. I'm #optimistic about the approach and the #benefits and so I wanted to #share details.
When I serve the #federatedmodules, I can also host the #storybook statics so I think this could be a good way to #document the modules in #isolation.
#Cryptography modules - https://cryptography.positive-intentions.com/?path=%2Fdocs%2Fcryptography-introduction--docs
#P2P framework - https://p2p.positive-intentions.com/?path=%2Fdocs%2Fe2e-tests-connectionstatus--docs
This way, I can create #microfrontends that consume these #modules. I can then #share the #functionality between #apps. The following apps are using a different codebase from each other (there is a #distinction between these apps in #opensource and #closesource). Sharing those #dependencies could help make it easier to roll out #updates to #coremechanics.
#P2P chat - [https://chat.positive-intentions.com/](https://chat.positive-intentions.com/)
#P2P file transfer - [https://file.positive-intentions.com/](https://file.positive-intentions.com/)
The #functionality also works when I create an #Android build with #Tauri. This could also lead to it being easier to create #newapps that could use the #modules created.
I'm sure there will be some distinct #test/#maintenance #overhead, but depending on how it's #architected I think it could work and make it easier to #improve on the current #implementation.
Everything about the #project is far from finished. It could be seen as this is a #complicated way to do what #npm does, but I think this #approach allows for greater #flexibility by being able to #separate #opensource and #closesource code for the #web. (Of course as #javascript, it will always be "source code available". Especially in the age of #AI, I'm sure it's possible to #reverseengineer it like never before.)
(Mastodon might not be the place for something like this, so let me know if you don't like this kind of content. I typically post on Reddit and would like to shift it more towards Mastodon. I also use Lemmy, but Mastodon has a better reach.)
Phishing Attack Leads to Malware Injection in Popular npm Packages
Pulse ID: 687d9f350e96a9f07804b957
Pulse Link: https://otx.alienvault.com/pulse/687d9f350e96a9f07804b957
Pulse Author: cryptocti
Created: 2025-07-21 02:00:21
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
Great analysis of the malware distributed with the eslint-config-prettier NPM package compromise on Friday: https://c-b.io/2025-07-20+-+Install+Linters%2C+Get+Malware+-+DevSecOps+Speedrun+Edition
"Cybersecurity researchers have alerted to a supply chain attack that has targeted popular npm packages via a phishing campaign designed to steal the project maintainers' npm tokens.
The captured tokens were then used to publish malicious versions of the packages directly to the registry without any source code commits or pull requests on their respective GitHub repositories.
The list of affected packages and their rogue versions, according to Socket, is listed below -
- eslint-config-prettier (versions 8.10.1, 9.1.1, 10.1.6, and 10.1.7)
- eslint-plugin-prettier (versions 4.2.2 and 4.2.3)
- synckit (version 0.11.9)
- @pkgr/core (version 0.2.8)
- napi-postinstall (version 0.3.1)
"The injected code attempted to execute a DLL on Windows machines, potentially allowing remote code execution," the software supply chain security firm said."
https://thehackernews.com/2025/07/malware-injected-into-6-npm-packages.html
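For anyone who wants to check their own projects against the list above, here is an added example (not code from Socket, The Hacker News, npm, or any of the posters in this thread) that scans a package-lock.json for exactly the package versions named in the quoted report. The affected-version table is copied from that report; the lockfiles embedded below are constructed sample data, not any real project's lockfile.

```python
"""Check an npm lockfile for the compromised package versions listed in the report.

Added example for this thread, not code from the sources quoted above.
COMPROMISED reproduces the package/version list from the quoted report; the
sample lockfiles are constructed test data.
"""
import json

# Package -> compromised versions, exactly as listed in the quoted report.
COMPROMISED = {
    "eslint-config-prettier": {"8.10.1", "9.1.1", "10.1.6", "10.1.7"},
    "eslint-plugin-prettier": {"4.2.2", "4.2.3"},
    "synckit": {"0.11.9"},
    "@pkgr/core": {"0.2.8"},
    "napi-postinstall": {"0.3.1"},
}


def installed_packages(lock):
    """Yield (name, version) for every package recorded in a package-lock.json.

    Handles lockfileVersion 2/3 (a flat "packages" map keyed by install path,
    e.g. "node_modules/@pkgr/core") and lockfileVersion 1 (nested "dependencies").
    """
    packages = lock.get("packages")
    if isinstance(packages, dict):
        for path, meta in packages.items():
            # "" is the root project itself; workspace links carry no node_modules segment.
            if "node_modules/" not in path:
                continue
            # Nested installs look like "node_modules/a/node_modules/b"; the last
            # segment after the final "node_modules/" is the package name (scoped or not).
            name = path.rsplit("node_modules/", 1)[1]
            version = meta.get("version")
            if version:
                yield name, version
        return

    def walk(deps):
        for name, meta in deps.items():
            version = meta.get("version")
            if version:
                yield name, version
            yield from walk(meta.get("dependencies", {}))

    yield from walk(lock.get("dependencies", {}))


def find_compromised(lock):
    """Return a sorted list of (name, version) pairs that match COMPROMISED."""
    hits = set()
    for name, version in installed_packages(lock):
        if version in COMPROMISED.get(name, ()):
            hits.add((name, version))
    return sorted(hits)


def find_compromised_in_file(path):
    """Convenience wrapper: load a package-lock.json from disk and scan it."""
    with open(path, encoding="utf-8") as fh:
        return find_compromised(json.load(fh))


# Constructed sample lockfile (v3 layout): one clean prettier install, one
# affected top-level package, one affected nested package, one safe @pkgr/core.
SAMPLE_LOCK_V3 = {
    "name": "sample-app",
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "sample-app", "version": "1.0.0"},
        "node_modules/prettier": {"version": "3.3.3"},
        "node_modules/eslint-config-prettier": {"version": "10.1.7"},
        "node_modules/eslint-plugin-prettier/node_modules/synckit": {"version": "0.11.9"},
        "node_modules/@pkgr/core": {"version": "0.2.7"},
    },
}

# Constructed sample lockfile (v1 layout) with one affected package and a safe nested dependency.
SAMPLE_LOCK_V1 = {
    "lockfileVersion": 1,
    "dependencies": {
        "eslint-plugin-prettier": {
            "version": "4.2.2",
            "dependencies": {"synckit": {"version": "0.11.8"}},
        }
    },
}

if __name__ == "__main__":
    for name, version in find_compromised(SAMPLE_LOCK_V3):
        print(f"COMPROMISED: {name}@{version}")
```

Point `find_compromised_in_file("package-lock.json")` at a real lockfile to scan a project; the scan is exact-version matching against the report's list, so a package pinned to a version not named there is reported clean even if it is a neighbour of an affected release.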
@ivantodorov been using #npm #nginxproxymanager for years. While there are certainly alternatives out there, it has proven to be rock solid, easy to use and easy to set up. LE cert generation never missed a single refresh with 6 root domains and over 40 records across.
my2c
While we're on the subject of supply-chain attacks:
OHAI #npm
https://socket.dev/blog/npm-phishing-campaign-leads-to-prettier-tooling-packages-compromise
There was an attempt to put malware into the eslint-config-prettier package. Be careful out there peeps.
https://github.com/prettier/eslint-config-prettier/issues/339#issuecomment-3090199603
Active supply chain attack on npm:
Multiple Prettier tooling packages were compromised through the phishing campaign we published about just hours ago. Watch out for more compromised accounts and malicious packages.
Follow-up: https://socket.dev/blog/npm-phishing-campaign-leads-to-prettier-tooling-packages-compromise #nodejs #npm