National Cyber Warfare Foundation (NCWF)

NPM ‘is’ Package with 2.8M Weekly Downloads Exploited in Attack on Developers
0 user ratings		2025-07-28 13:11:21
milo
Red Team (CNA)

The popular npm package ‘is’, which has about 2.8 million weekly downloads, has been taken over by threat actors in a sophisticated escalation of a phishing effort that was first disclosed last Friday. The attack began with emails spoofing npm’s [email protected] address, directing developers to a typosquatted domain, npnjs.com a near-identical proxy of the legitimate […]


The post NPM ‘is’ Package with 2.8M Weekly Downloads Exploited in Attack on Developers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.



Aman Mishra

Source: gbHackers
Source Link: https://gbhackers.com/npm-is-package-with-2-8m-weekly-downloads-exploited/

Comments
new comment
Nobody has commented yet. Will you be the first?
  
Forum
Red Team (CNA)


Copyright 2012 through 2025 - National Cyber Warfare Foundation - All rights reserved worldwide.