Hundreds of #code #libraries posted to #NPM try to #install #malware on dev machines

source: arstechnica.com/security/2024/…

The malicious packages have names that are similar to legitimate ones for the Puppeteer and Bignum.js code libraries and for various libraries for working with #cryptocurrency.

Dependency hell 👎👿

#software #problem #development #library #dependency #security #cybersecurity #news #cybercrime #attack

Hundreds of code libraries posted to NPM try to install malware on dev machines

These are not the the developer tools you think they are.

^{Dan Goodin (Ars Technica)}