Skip to main content

Tag: jfrog

6 articles

Cluttered workstation with scattered papers, empty cans, and multiple screens displaying code amidst a sense of urgency.

Vulnerabilities Remain Unaddressed Despite Swift Remediation Efforts

Malicious npm packages have skyrocketed 451% year-over-year, highlighting a disturbing trend where old vulnerabilities continue to resurface and supply-chain abuse is scaling rapidly, putting organizations at risk. Despite swift remediation efforts, many critical vulnerabilities remain unaddressed.

Analyst 207
Laptops scattered in a brightly-lit university setting, hinting at cyber threat.

npm Packages Turned into DDoS Botnet via Student Proxies

In a shocking discovery, researchers uncovered 148 malicious npm packages that masqueraded as harmless student web proxies, but secretly turned browsers into a powerful DDoS botnet for nearly two weeks. These packages, cleverly disguised with benign names like "Lucide" and "Riverbend Tutoring," hid their true intentions beneath a façade of ads and monetization scripts.

Analyst 207
A cluttered workstation with a laptop, programming books, and notes in a well-lit office setting.

Malicious npm Package Exploits Supply Chain with Multi-Stage Windows RAT

Beware of sneaky impostors in your build dependencies - a recent discovery by JFrog revealed a malicious npm package masquerading as a popular JavaScript tool, hiding a multi-stage Windows remote access trojan. Treat similar-sounding package names with caution, as they could be potential delivery mechanisms for threats.

Analyst 207
Software development workspace with multiple computer screens and scattered papers.

Mastra Packages Compromised in Software Supply Chain Attack

A massive software supply chain attack just hit Mastra, with over 140 malicious packages published in a single day by a compromised npm account. The swift and coordinated assault, dubbed easy-day-js, unfolded over just two days, catching defenders scrambling to respond.

Analyst 207
A coding workstation with a laptop, development tools, and papers in a clean, neutral-colored room.

Bitwarden CLI npm package targeted in supply chain attack

Bitwarden swiftly contained a brief supply chain attack on its CLI npm package, confirming that a single malicious release was live for under two hours on April 22, 2026, and assuring users that their vault data remained safe. The incident was quickly remediated, with the compromised access revoked and the malicious release deprecated.

Analyst 207
Terminal screen on a laptop in a coding workspace displays code on a blurred background.

Bitwarden CLI Compromised in Checkmarx Supply Chain Attack

A rogue version of the Bitwarden CLI package, identified as @bitwarden/cli@2026.4.0, was compromised in a supply chain attack, stealing sensitive data like GitHub tokens and cloud secrets. The malicious code, hidden in a file called bw1.js, has already been distributed to users, putting their security at risk.

Analyst 207