Tag: javascript build tools

1 article

A cluttered workstation with a laptop, programming books, and notes in a well-lit office setting.

Malicious npm Package Exploits Supply Chain with Multi-Stage Windows RAT

Beware of sneaky impostors in your build dependencies - a recent discovery by JFrog revealed a malicious npm package masquerading as a popular JavaScript tool, hiding a multi-stage Windows remote access trojan. Treat similar-sounding package names with caution, as they could be potential delivery mechanisms for threats.

Analyst 207Jun 23, 2026