Habr<p>[Перевод] Когда ИИ становится троянским конем: 43% «галлюцинированных» имен пакетов регулярно повторяются в сгенерированном коде</p><p>AI-помощники регулярно "галлюцинируют" несуществующие пакеты, а злоумышленники используют эти имена для размещения вредоносного кода в репозиториях. Исследования показывают, что 5.2% рекомендаций пакетов от коммерческих моделей не существуют, а для open-source моделей этот показатель достигает 21.7%. Эта техника, названная "слопсквоттингом" (slopsquatting), особенно опасна в эпоху "vibe coding", когда разработчики безоговорочно доверяют рекомендациям AI.</p><p><a href="https://habr.com/ru/articles/901198/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">habr.com/ru/articles/901198/</span><span class="invisible"></span></a></p><p><a href="https://zhub.link/tags/%D0%B8%D1%81%D0%BA%D1%83%D1%81%D1%81%D1%82%D0%B2%D0%B5%D0%BD%D0%BD%D1%8B%D0%B9_%D0%B8%D0%BD%D1%82%D0%B5%D0%BB%D0%BB%D0%B5%D0%BA%D1%82" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>искусственный_интеллект</span></a> <a href="https://zhub.link/tags/%D0%BA%D0%B8%D0%B1%D0%B5%D1%80%D0%B1%D0%B5%D0%B7%D0%BE%D0%BF%D0%B0%D1%81%D0%BD%D0%BE%D1%81%D1%82%D1%8C" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>кибербезопасность</span></a> <a href="https://zhub.link/tags/slopsquatting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>slopsquatting</span></a> <a href="https://zhub.link/tags/%D1%80%D0%B0%D0%B7%D1%80%D0%B0%D0%B1%D0%BE%D1%82%D0%BA%D0%B0" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>разработка</span></a> <a href="https://zhub.link/tags/%D0%B3%D0%B0%D0%BB%D0%BB%D1%8E%D1%86%D0%B8%D0%BD%D0%B0%D1%86%D0%B8%D0%B8_%D0%B8%D0%B8" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>галлюцинации_ии</span></a> <a href="https://zhub.link/tags/npm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>npm</span></a> <a href="https://zhub.link/tags/pypi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pypi</span></a> <a href="https://zhub.link/tags/vibecoding" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vibecoding</span></a></p>
Recent searches
No recent searches
Search options
Only available when logged in.
fosstodon.org is one of the many independent Mastodon servers you can use to participate in the fediverse.
Fosstodon is an invite only Mastodon instance that is open to those who are interested in technology; particularly free & open source software.
If you wish to join, contact us for an invite.
Administered by:
Server stats:
10Kactive users
fosstodon.org: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.7
#npm
11 posts · 10 participants · 0 posts today
Thomas Svensson 🖖<p>Practicing to improve my <a href="https://fosstodon.org/tags/NPM" class="mention hashtag" rel="tag">#<span>NPM</span></a> at <a href="https://vim-racer.com/" target="_blank" rel="nofollow noopener noreferrer" translate="no"><span class="invisible">https://</span><span class="">vim-racer.com/</span><span class="invisible"></span></a></p><p>Personal best thus far: 61</p>
Rad Web Hosting<p>How to Install <a href="https://mastodon.social/tags/Directus" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Directus</span></a> on <a href="https://mastodon.social/tags/AlmaLinux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AlmaLinux</span></a> <a href="https://mastodon.social/tags/VPS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VPS</span></a> </p><p>Here's a step-by-step guide detailing how to install Directus on AlmaLinux VPS.<br>What is Directus?<br>Directus is an open-source <a href="https://mastodon.social/tags/headless" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>headless</span></a> <a href="https://mastodon.social/tags/CMS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CMS</span></a> and data platform that allows you to manage and interact with your database through a RESTful API or GraphQL API. It provides a modern, user-friendly admin interface for ...<br>Continued 👉 <a href="https://blog.radwebhosting.com/how-to-install-directus-on-almalinux-vps/?utm_source=mastodon&utm_medium=social&utm_campaign=ReviveOldPost" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.radwebhosting.com/how-to-</span><span class="invisible">install-directus-on-almalinux-vps/?utm_source=mastodon&utm_medium=social&utm_campaign=ReviveOldPost</span></a> <a href="https://mastodon.social/tags/cmsapps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cmsapps</span></a> <a href="https://mastodon.social/tags/nodejs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nodejs</span></a> <a href="https://mastodon.social/tags/npm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>npm</span></a> <a href="https://mastodon.social/tags/vpsguide" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vpsguide</span></a> <a href="https://mastodon.social/tags/installguide" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>installguide</span></a> <a href="https://mastodon.social/tags/selfhosting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>selfhosting</span></a> <a href="https://mastodon.social/tags/letsencrypt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>letsencrypt</span></a> <a href="https://mastodon.social/tags/selfhosted" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>selfhosted</span></a> <a href="https://mastodon.social/tags/postgresql" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>postgresql</span></a></p>
Ryan Daws 🤓<p>Masquerading payment npm package installs backdoor <a href="https://www.developer-tech.com/news/masquerading-payment-npm-package-installs-backdoor/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">developer-tech.com/news/masque</span><span class="invisible">rading-payment-npm-package-installs-backdoor/</span></a> <a href="https://techhub.social/tags/npm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>npm</span></a> <a href="https://techhub.social/tags/javascript" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>javascript</span></a> <a href="https://techhub.social/tags/developers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>developers</span></a> <a href="https://techhub.social/tags/coding" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>coding</span></a> <a href="https://techhub.social/tags/programming" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>programming</span></a> <a href="https://techhub.social/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hacking</span></a> <a href="https://techhub.social/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://techhub.social/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://techhub.social/tags/tech" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>tech</span></a> <a href="https://techhub.social/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>news</span></a> <a href="https://techhub.social/tags/technology" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>technology</span></a></p>
OTX Bot<p>Atomic and Exodus crypto wallets targeted in malicious npm campaign</p><p>A malicious npm package named pdf-to-office was discovered targeting cryptocurrency wallets. The package, posing as a PDF to Office converter, injects malicious code into locally installed Atomic and Exodus wallets. This attack modifies legitimate files to redirect crypto funds to the attacker's wallet. The campaign shows persistence, as removing the malicious package doesn't remove the injected code from the wallets. Multiple versions of both wallets were targeted, with the attackers adapting their code accordingly. This incident highlights the growing scope of software supply chain risks, particularly in the cryptocurrency industry, and emphasizes the need for improved monitoring of both source code repositories and locally deployed applications.</p><p>Pulse ID: 67fd41f7af4b02a0fd75fb69<br>Pulse Link: <a href="https://otx.alienvault.com/pulse/67fd41f7af4b02a0fd75fb69" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">otx.alienvault.com/pulse/67fd4</span><span class="invisible">1f7af4b02a0fd75fb69</span></a> <br>Pulse Author: AlienVault<br>Created: 2025-04-14 17:12:23</p><p>Be advised, this data is unverified and should be considered preliminary. Always do further verification.</p><p><a href="https://social.raytec.co/tags/Atomic" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Atomic</span></a> <a href="https://social.raytec.co/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://social.raytec.co/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoSec</span></a> <a href="https://social.raytec.co/tags/NPM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NPM</span></a> <a href="https://social.raytec.co/tags/OTX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OTX</span></a> <a href="https://social.raytec.co/tags/Office" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Office</span></a> <a href="https://social.raytec.co/tags/OpenThreatExchange" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenThreatExchange</span></a> <a href="https://social.raytec.co/tags/PDF" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PDF</span></a> <a href="https://social.raytec.co/tags/RCE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RCE</span></a> <a href="https://social.raytec.co/tags/SupplyChain" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SupplyChain</span></a> <a href="https://social.raytec.co/tags/bot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bot</span></a> <a href="https://social.raytec.co/tags/cryptocurrency" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cryptocurrency</span></a> <a href="https://social.raytec.co/tags/AlienVault" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AlienVault</span></a></p>
securityaffairs<p>Malicious <a href="https://infosec.exchange/tags/NPM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NPM</span></a> packages target <a href="https://infosec.exchange/tags/PayPal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PayPal</span></a> users<br><a href="https://securityaffairs.com/176530/security/malicious-npm-packages-to-steal-paypal-credentials.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">securityaffairs.com/176530/sec</span><span class="invisible">urity/malicious-npm-packages-to-steal-paypal-credentials.html</span></a><br><a href="https://infosec.exchange/tags/securityaffairs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>securityaffairs</span></a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hacking</span></a></p>
Caycedo🎙️<p>Creo que lo principal es no instalar el paquete de inmediato.</p><p>Verificar el nombre en el repositorio que uses: <a href="https://oye.social/tags/npm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>npm</span></a> <a href="https://oye.social/tags/pypi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pypi</span></a> <a href="https://oye.social/tags/homebrew" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>homebrew</span></a> <a href="https://oye.social/tags/dotnet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>dotnet</span></a> etc.</p><p>Algunos paquetes en el repositorio pueden parecer confiables sin serlo. Revisaa las fechas de publicación y número de proyectos dependientes.</p><p>Busca en otros foros sobre la funcionalidad que necesitas y valida qué recomienda la gente.</p><p>En pocas palabras, busca el paquete por ti mismo, de la forma tradicional, sin confiar en tu <a href="https://oye.social/tags/LLM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LLM</span></a> "de confianza".</p>
Caycedo🎙️<p><a href="https://www.theregister.com/2025/04/12/ai_code_suggestions_sabotage_supply_chain/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">theregister.com/2025/04/12/ai_</span><span class="invisible">code_suggestions_sabotage_supply_chain/</span></a><br>Se ha identificado que los <a href="https://oye.social/tags/LLMs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LLMs</span></a> pueden generar nombres de paquetes falsos que usamos los desarrolladores, de forma consistente, debido a sus "alucinaciones". Así que personas inescrupulosas han creado y publicado estos paquetes en repositorios comunes como <a href="https://oye.social/tags/npm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>npm</span></a>, <a href="https://oye.social/tags/pypi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pypi</span></a> y otros. </p><p>Cuando un desarrollador usando un LLM ve esta referencia y descarga el paquete engañoso, puede introducir riesgos a sus sistemas difíciles de detectar.</p>
Jamie Tanna<p><strong>Properly patching packages: persistently producing patches for published projects, particularly practically prevented by patch-package policy</strong></p>
How to use `patch-package` to modify NPM dependencies, for instance when you're distributing an executable and you want to patch something you rely upon, without relying upon `postinstall` scripts.
<p><a href="https://fed.brid.gy/r/https://www.jvt.me/posts/2025/04/12/patch-package-distribute/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">fed.brid.gy/r/https://www.jvt.</span><span class="invisible">me/posts/2025/04/12/patch-package-distribute/</span></a></p>
Mike McCaffrey<p>FYI: Absolutely do not use AI to generate any files that specify what packages to include in your project:<br> <a href="https://www.theregister.com/2025/04/12/ai_code_suggestions_sabotage_supply_chain/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">theregister.com/2025/04/12/ai_</span><span class="invisible">code_suggestions_sabotage_supply_chain/</span></a></p><p><a href="https://drupal.community/tags/GenerativeAI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GenerativeAI</span></a> <a href="https://drupal.community/tags/VibeCoding" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VibeCoding</span></a> <a href="https://drupal.community/tags/NPM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NPM</span></a> <a href="https://drupal.community/tags/Drupal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Drupal</span></a></p>
skry<p>“slopsquatting, a new term for a surprisingly effective type of software supply chain attack that emerges when LLMs “hallucinate” package names that don’t actually exist. If you’ve ever seen an AI recommend a package and thought, “Wait, is that real?”—you’ve already encountered the foundation of the problem.</p><p>And now attackers are catching on.”</p><p>The Rise of Slopsquatting: How <a href="https://mastodon.social/tags/AI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AI</span></a> Hallucinations Are Fueling... <a href="https://socket.dev/blog/slopsquatting-how-ai-hallucinations-are-fueling-a-new-class-of-supply-chain-attacks" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">socket.dev/blog/slopsquatting-</span><span class="invisible">how-ai-hallucinations-are-fueling-a-new-class-of-supply-chain-attacks</span></a> <a href="https://mastodon.social/tags/npm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>npm</span></a> <a href="https://mastodon.social/tags/dev" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>dev</span></a> <a href="https://mastodon.social/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a></p><p>Edit: more info: <a href="https://www.bleepingcomputer.com/news/security/ai-hallucinated-code-dependencies-become-new-supply-chain-risk/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/ai-hallucinated-code-dependencies-become-new-supply-chain-risk/</span></a></p>
Pyrzout :vm:<p>npm Malware Targets Atomic and Exodus Wallets to Hijack Crypto Transfers <a href="https://hackread.com/npm-malware-atomic-exodus-wallets-hijack-crypto/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">hackread.com/npm-malware-atomi</span><span class="invisible">c-exodus-wallets-hijack-crypto/</span></a> <a href="https://social.skynetcloud.site/tags/Cryptocurrency" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cryptocurrency</span></a> <a href="https://social.skynetcloud.site/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybersecurity</span></a> <a href="https://social.skynetcloud.site/tags/CyberAttack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberAttack</span></a> <a href="https://social.skynetcloud.site/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Security</span></a> <a href="https://social.skynetcloud.site/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Malware</span></a> <a href="https://social.skynetcloud.site/tags/Atomic" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Atomic</span></a> <a href="https://social.skynetcloud.site/tags/Crypto" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Crypto</span></a> <a href="https://social.skynetcloud.site/tags/Exodus" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Exodus</span></a> <a href="https://social.skynetcloud.site/tags/Fraud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Fraud</span></a> <a href="https://social.skynetcloud.site/tags/Scam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Scam</span></a> <a href="https://social.skynetcloud.site/tags/NPM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NPM</span></a></p>
OTX Bot<p>Malicious NPM Packages Targeting PayPal Users</p><p>A series of malicious NPM packages have been identified deploying malware to<br>steal sensitive information from compromised systems. It was observed that threat<br>actor groups known as “tommyboy_h1” and “tommyboy_h2” were deploying<br>these malware between March 5 and March 14 to targets PayPal users.</p><p>Pulse ID: 67f951f94767a31bd6122975<br>Pulse Link: <a href="https://otx.alienvault.com/pulse/67f951f94767a31bd6122975" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">otx.alienvault.com/pulse/67f95</span><span class="invisible">1f94767a31bd6122975</span></a> <br>Pulse Author: cryptocti<br>Created: 2025-04-11 17:31:37</p><p>Be advised, this data is unverified and should be considered preliminary. Always do further verification.</p><p><a href="https://social.raytec.co/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://social.raytec.co/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoSec</span></a> <a href="https://social.raytec.co/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Malware</span></a> <a href="https://social.raytec.co/tags/NPM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NPM</span></a> <a href="https://social.raytec.co/tags/OTX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OTX</span></a> <a href="https://social.raytec.co/tags/OpenThreatExchange" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenThreatExchange</span></a> <a href="https://social.raytec.co/tags/bot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bot</span></a> <a href="https://social.raytec.co/tags/cryptocti" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cryptocti</span></a></p>
Tom Boutell<p><a href="https://toot.cat/tags/hugops" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hugops</span></a> to <a href="https://toot.cat/tags/npm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>npm</span></a> today. Private package installs and "npm publish" are failing for older access tokens. You can clear the issue with a fresh "npm login". May need to update tokens in your CI systems for deployment as well. More on their status page. <a href="https://toot.cat/tags/programming" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>programming</span></a></p>
Pyrzout :vm:<p>npm Malware Targets Atomic and Exodus Wallets to Hijack Crypto Transfers – Source:hackread.com <a href="https://ciso2ciso.com/npm-malware-targets-atomic-and-exodus-wallets-to-hijack-crypto-transfers-sourcehackread-com/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">ciso2ciso.com/npm-malware-targ</span><span class="invisible">ets-atomic-and-exodus-wallets-to-hijack-crypto-transfers-sourcehackread-com/</span></a> <a href="https://social.skynetcloud.site/tags/1CyberSecurityNewsPost" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>1CyberSecurityNewsPost</span></a> <a href="https://social.skynetcloud.site/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurityNews</span></a> <a href="https://social.skynetcloud.site/tags/Cryptocurrency" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cryptocurrency</span></a> <a href="https://social.skynetcloud.site/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://social.skynetcloud.site/tags/CyberAttack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberAttack</span></a> <a href="https://social.skynetcloud.site/tags/Hackread" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Hackread</span></a> <a href="https://social.skynetcloud.site/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://social.skynetcloud.site/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>malware</span></a> <a href="https://social.skynetcloud.site/tags/Atomic" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Atomic</span></a> <a href="https://social.skynetcloud.site/tags/Crypto" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Crypto</span></a> <a href="https://social.skynetcloud.site/tags/Exodus" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Exodus</span></a> <a href="https://social.skynetcloud.site/tags/Fraud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Fraud</span></a> <a href="https://social.skynetcloud.site/tags/Scam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Scam</span></a> <a href="https://social.skynetcloud.site/tags/NPM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NPM</span></a></p>
Teddy / Domingo (🇨🇵/🇬🇧)<p><a href="https://framapiaf.org/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSource</span></a> Poisoned <a href="https://framapiaf.org/tags/Patches" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Patches</span></a> Infect Local <a href="https://framapiaf.org/tags/Software" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Software</span></a>. Malicious packages lurking on open source repositories like <a href="https://framapiaf.org/tags/npm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>npm</span></a> have become less effective, so cyberattackers are using a new strategy: offering "patches" for locally installed programs.<br><a href="https://www.darkreading.com/cloud-security/open-source-poisoned-patches-infect-local-software" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">darkreading.com/cloud-security</span><span class="invisible">/open-source-poisoned-patches-infect-local-software</span></a></p>
Hackread.com<p>🚨 Watch out as new npm malware targets Atomic and Exodus wallets to alter their addresses and hijack crypto transfer.</p><p>Read: <a href="https://hackread.com/npm-malware-atomic-exodus-wallets-hijack-crypto/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">hackread.com/npm-malware-atomi</span><span class="invisible">c-exodus-wallets-hijack-crypto/</span></a></p><p><a href="https://mstdn.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://mstdn.social/tags/npm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>npm</span></a> <a href="https://mstdn.social/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Malware</span></a> <a href="https://mstdn.social/tags/Crypto" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Crypto</span></a> <a href="https://mstdn.social/tags/Scam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Scam</span></a></p>
OTX Bot<p>Atomic and Exodus crypto wallets targeted in malicious npm campaign</p><p>Threat actors are employing new techniques to target the cryptocurrency community by uploading packages to popular open source repositories that apply malicious 'patches' to local versions of legitimate libraries. A recent campaign launched on April 1 published a package called 'pdf-to-office' on npm, which injected malicious code into locally installed Atomic Wallet and Exodus crypto wallet software. This attack overwrote existing files, allowing attackers to swap out intended wallet destination addresses with their own. The malicious package was designed to target specific versions of the wallets and included persistence mechanisms. This campaign is part of a larger trend of sophisticated software supply chain attacks targeting the cryptocurrency industry, highlighting the need for improved monitoring and security measures in both commercial and open-source software.</p><p>Pulse ID: 67f80a491ab75c1a71050453<br>Pulse Link: <a href="https://otx.alienvault.com/pulse/67f80a491ab75c1a71050453" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">otx.alienvault.com/pulse/67f80</span><span class="invisible">a491ab75c1a71050453</span></a> <br>Pulse Author: AlienVault<br>Created: 2025-04-10 18:13:29</p><p>Be advised, this data is unverified and should be considered preliminary. Always do further verification.</p><p><a href="https://social.raytec.co/tags/Atomic" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Atomic</span></a> <a href="https://social.raytec.co/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://social.raytec.co/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoSec</span></a> <a href="https://social.raytec.co/tags/NPM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NPM</span></a> <a href="https://social.raytec.co/tags/OTX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OTX</span></a> <a href="https://social.raytec.co/tags/Office" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Office</span></a> <a href="https://social.raytec.co/tags/OpenThreatExchange" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenThreatExchange</span></a> <a href="https://social.raytec.co/tags/PDF" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PDF</span></a> <a href="https://social.raytec.co/tags/RCE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RCE</span></a> <a href="https://social.raytec.co/tags/SMS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SMS</span></a> <a href="https://social.raytec.co/tags/SupplyChain" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SupplyChain</span></a> <a href="https://social.raytec.co/tags/bot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bot</span></a> <a href="https://social.raytec.co/tags/cryptocurrency" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cryptocurrency</span></a> <a href="https://social.raytec.co/tags/AlienVault" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AlienVault</span></a></p>
0x40k<p>Whoa, the latest news is pretty wild! 🤯 Apparently, there's malware popping up in npm packages again, specifically designed to snatch crypto wallet credentials. Seriously, navigating the software supply chain feels like walking through a minefield sometimes.</p><p>But hey, let's not hit the panic button just yet. It *is* a good reminder to be vigilant, though. First step? Definitely double-check your VS Code extensions – better safe than sorry, right?</p><p>And keep this in mind: automated scans are certainly useful, a good first line of defense even. However, nothing really digs deep like a thorough pentest. That's where you uncover the stuff scanners might miss. It truly makes a difference.</p><p>So, I'm curious – what are your go-to tools and strategies for embedding security right into your development workflow? Let's share some knowledge!</p><p><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pentesting</span></a> <a href="https://infosec.exchange/tags/devsecops" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>devsecops</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/npm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>npm</span></a> <a href="https://infosec.exchange/tags/supplychainsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>supplychainsecurity</span></a></p>
Olivier Stuker (he/him)<p>npm: 3 moderate severity vulnerabilities</p><p>me: npm audit fix --force</p><p>npm: 5 moderate severity vulnerabilities</p><p>AAAAAAAAAAAAAAAAAAAAA</p><p><a href="https://toot.community/tags/npm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>npm</span></a> <a href="https://toot.community/tags/nodejs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nodejs</span></a> <a href="https://toot.community/tags/programming" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>programming</span></a></p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
LoginDrag & drop to upload