URL has been copied successfully!
Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware
URL has been copied successfully!

Collecting Cyber-News from over 60 sources

Packagist Supply Chain Attack Infects 8 Packages Using GitHub-Hosted Linux Malware


Tags: , , , , ,

A new “coordinated” supply chain attack campaign has impacted eight packages on Packagist including malicious code designed to run a Linux binary retrieved from a GitHub Releases URL.”Although the affected packages were all Composer packages, the malicious code was not added to composer.json,” Socket said. “Instead, it was inserted into package.json, targeting projects that ship JavaScript

First seen on thehackernews.com

Jump to article: thehackernews.com/2026/05/packagist-supply-chain-attack-infects-8.html

Loading

Share via Email
Share on Facebook
Tweet on X (Twitter)
Share on Whatsapp
Share on LinkedIn
Share on Xing
Copy link

also interesting:

  1. Top 7 zero-day exploitation trends of 2024
  2. Linux wiper malware hidden in malicious Go modules on GitHub
  3. 6 ways hackers hide their tracks
  4. Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack