The developers of Rspack have revealed that two of their npm packages, @rspack/core and @rspack/cli, were compromised in a software supply chain attack that allowed a malicious actor to publish malicious versions to the official package registry with cryptocurrency mining malware.
Following the discovery, versions 1.1.7 of both libraries have been unpublished from the npm registry. The latestRead More
Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack [email protected] (The Hacker News)
by
Tags: