Netzpalaver
@Netzpalaver@social.tchncs.de
In-depth news and articles on the topics #Cloud, #Datacenter, #Sicherheit (security), #Infrastruktur (infrastructure) and #Telekommunikation (telecommunications), as well as #disruptive technologies.
social.tchncs.de
Tampered Red Hat npm packages spread new malware
#Cybersecurity #Cybersicherheit #Entwicklerwerkzeug #GitHub @jfrog #Malware #Miasma #NPM #RedHat #Linux #ShaiHulud #SupplyChain
https://netzpalaver.de/2026/06/14/manipulierte-red-hat-npm-pakete-verbreiten-neue-malware/
A Really Angry Developer
@arad@mastodon.projetretro.io
Nothing personal. My name means "Can make you lose teeth". Posts are mine, likes/boosts don't mean endorsement. If you feel offended that's because I wrote with you specifically in mind.
mastodon.projetretro.io
#introduction
So this is it, right? The way we say "hello world" here.
So let's get the deed done. I'm arad, tired of the high mileage shit I was served upon the internet buffet so I went to the local family managed shit diner.
My average day is wondering how modern software became that bad with the massive amounts of money invested in those over the years.
My nemesis will be #nodejs and #npm but python and #rust are pretty high on that list too.
If you're offended by what I'm saying, congrats, indeed I wrote it especially with you in mind and also you may suffer from "Main Protagonist Syndrome".
Anyway, see you.
‘No Way To Prevent This,’ Says Only Package Manager Where This Regularly Happens | Kevin Patel
「 “It’s a shame, but what can you do? This is just the price of building modern web apps,” said Senior Frontend Engineer Mark Vance, echoing the sentiments of a community that completely relies on a 40-level-deep nested tree of unvetted packages maintained by pseudonymous strangers to capitalize a single string 」
https://kevinpatel.xyz/posts/no-way-to-prevent-this/
#npm #satire #cybersecurity
sekurak News
@sekurakbot@mastodon.com.pl
Bot publishing the latest news from sekurak.pl
https://sekurak.pl Account by @kkrenski
mastodon.com.pl
Malicious updates to the pgserve package (npm) steal credentials and spread malware
Researchers at StepSecurity discovered malicious updates to the pgserve package on npm. It is a tool for running local PostgreSQL databases for development / testing. The infected versions (1.1.11, 1.1.12 and 1.1.13) inject a 1143-line script that steals the user's credentials. It is executed at install time via a postinstall hook. TLDR: This is not an "ordinary" infostealer, though, because...
#WBiegu #Malware #Npm #Pgserve
https://sekurak.pl/zlosliwe-aktualizacje-pakietu-pgserve-npm-wykradajace-poswiadczenia-i-rozprzestrzeniajace-malware/
#Axios #npm Package Compromised: Supply Chain Attack Delivers Cross-Platform #RAT
https://snyk.io/blog/axios-npm-package-compromised-supply-chain-attack-delivers-cross-platform/
https://techcrunch.com/2026/03/31/hacker-hijacks-axios-open-source-project-used-by-millions-to-push-malware/