The well-known npm package eslint-config-prettier was released without authorization, according to several GitHub users, even though its repository did not contain any corresponding code changes. The maintainer later confirmed via social media that their npm account was compromised through a phishing email, affecting several packages including eslint-config-prettier versions 8.10.1, 9.1.1, 10.1.6, and 10.1.7; eslint-plugin-prettier versions […]

The post Scavenger Malware Compromises Popular npm Packages to Target Developers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aman Mishra

Source: gbHackers
Source Link: https://gbhackers.com/scavenger-malware-compromises-popular-npm-packages/