Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack

The developers of Rspack have revealed that two of their npm packages, @rspack/core and @rspack/cli, were compromised in a software supply chain attack that allowed a malicious actor to publish malicious versions to the official package registry with cryptocurrency mining malware. Following the discovery, versions 1.1.7 of both libraries have been unpublished from the npm registry. The latest

Posted from: Click here for the full article.

留言

此網誌的熱門文章

What Is Attack Surface Management?

Meta Warns of FreeType Vulnerability (CVE-2025-27363) With Active Exploitation Risk

High-Severity Flaw in PostgreSQL Allows Hackers to Exploit Environment Variables