A sophisticated supply chain attack hit the SAP developer ecosystem on April 29, 2026, compromising four widely-used npm packages with credential-stealing malware. The attackers modified package installation scripts to download the Bun JavaScript runtime a legitimate alternative to Node.js during the npm install process. This technique bypasses Node.js-based security monitoring by executing an 11.6 MB […] The post Attackers Hijack SAP npm Packages to Steal Dev Secrets appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/attackers-hijack-sap-npm/
