{"id":4961,"date":"2025-07-20T11:11:43","date_gmt":"2025-07-20T11:11:43","guid":{"rendered":"https:\/\/news.cybertechworld.co.in\/index.php\/2025\/07\/20\/malware-injected-into-6-npm-packages-after-maintainer-tokens-stolen-in-phishing-attack\/"},"modified":"2025-07-20T11:11:43","modified_gmt":"2025-07-20T11:11:43","slug":"malware-injected-into-6-npm-packages-after-maintainer-tokens-stolen-in-phishing-attack","status":"publish","type":"post","link":"https:\/\/news.cybertechworld.co.in\/index.php\/2025\/07\/20\/malware-injected-into-6-npm-packages-after-maintainer-tokens-stolen-in-phishing-attack\/","title":{"rendered":"Malware Injected into 6 npm Packages After Maintainer Tokens Stolen in Phishing Attack"},"content":{"rendered":"

\u200bCybersecurity researchers have alerted to a supply chain attack that has targeted popular npm packages via a phishing campaign designed to steal the project maintainers’ npm tokens.
\nThe captured tokens were then used to publish malicious versions of the packages directly to the registry without any source code commits or pull requests on their respective GitHub repositories.
\nThe list of affected\u00a0Cybersecurity researchers have alerted to a supply chain attack that has targeted popular npm packages via a phishing campaign designed to steal the project maintainers’ npm tokens.
\nThe captured tokens were then used to publish malicious versions of the packages directly to the registry without any source code commits or pull requests on their respective GitHub repositories.
\nThe list of affected\u00a0\u00a0The Hacker News<\/p>","protected":false},"excerpt":{"rendered":"

\u200bCybersecurity researchers have alerted to a supply chain attack that has targeted popular npm packages via a phishing campaign designed to steal the project maintainers’ npm tokens. The captured tokens were then used to publish malicious versions of the packages directly to the registry without any source code commits or pull requests on their respective… Read More »Malware Injected into 6 npm Packages After Maintainer Tokens Stolen in Phishing Attack<\/span><\/a><\/p>\n","protected":false},"author":0,"featured_media":4962,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"neve_meta_sidebar":"","neve_meta_container":"","neve_meta_enable_content_width":"","neve_meta_content_width":0,"neve_meta_title_alignment":"","neve_meta_author_avatar":"","neve_post_elements_order":"","neve_meta_disable_header":"","neve_meta_disable_footer":"","neve_meta_disable_title":"","_themeisle_gutenberg_block_has_review":false,"footnotes":""},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts\/4961"}],"collection":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/comments?post=4961"}],"version-history":[{"count":0,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts\/4961\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/media\/4962"}],"wp:attachment":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/media?parent=4961"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/categories?post=4961"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/tags?post=4961"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}