Tag: jfrog
6 articles

Vulnerabilities Remain Unaddressed Despite Swift Remediation Efforts
Malicious npm packages have skyrocketed 451% year-over-year, highlighting a disturbing trend where old vulnerabilities continue to resurface and supply-chain abuse is scaling rapidly, putting organizations at risk. Despite swift remediation efforts, many critical vulnerabilities remain unaddressed.

npm Packages Turned into DDoS Botnet via Student Proxies
In a shocking discovery, researchers uncovered 148 malicious npm packages that masqueraded as harmless student web proxies, but secretly turned browsers into a powerful DDoS botnet for nearly two weeks. These packages, cleverly disguised with benign names like "Lucide" and "Riverbend Tutoring," hid their true intentions beneath a façade of ads and monetization scripts.

Malicious npm Package Exploits Supply Chain with Multi-Stage Windows RAT
Beware of sneaky impostors in your build dependencies - a recent discovery by JFrog revealed a malicious npm package masquerading as a popular JavaScript tool, hiding a multi-stage Windows remote access trojan. Treat similar-sounding package names with caution, as they could be potential delivery mechanisms for threats.

Mastra Packages Compromised in Software Supply Chain Attack
A massive software supply chain attack just hit Mastra, with over 140 malicious packages published in a single day by a compromised npm account. The swift and coordinated assault, dubbed easy-day-js, unfolded over just two days, catching defenders scrambling to respond.

Bitwarden CLI npm package targeted in supply chain attack
Bitwarden swiftly contained a brief supply chain attack on its CLI npm package, confirming that a single malicious release was live for under two hours on April 22, 2026, and assuring users that their vault data remained safe. The incident was quickly remediated, with the compromised access revoked and the malicious release deprecated.

Bitwarden CLI Compromised in Checkmarx Supply Chain Attack
A rogue version of the Bitwarden CLI package, identified as @bitwarden/cli@2026.4.0, was compromised in a supply chain attack, stealing sensitive data like GitHub tokens and cloud secrets. The malicious code, hidden in a file called bw1.js, has already been distributed to users, putting their security at risk.