Npm Supply Chain
The latest Npm Supply Chain coverage — news, analysis, and updates from the WindowsNews.AI desk.
Fake PostCSS Package Drops Encrypted PowerShell RAT in NPM Typosquatting Attack
{ "title": "Fake PostCSS Package Drops Encrypted PowerShell RAT in NPM Typosquatting Attack", "content": "A sophisticated typosquatting attack on the npm registry has been caught delivering a...
Microsoft Exposes ‘Mastra’ Supply Chain Attack: Over 140 npm Packages Poisoned in Account Hijack
On June 17, 2026, Microsoft Threat Intelligence exposed a sprawling supply chain attack on the npm ecosystem after a malicious actor commandeered the account of a prolific maintainer and published...
Miasma npm Supply-Chain Attack: Red Hat Packages Hijacked to Steal CI/CD Credentials
Security researchers uncovered a brazen supply-chain attack on June 1, 2026, targeting the npm registry’s @redhat-cloud-services namespace. Malicious versions of several packages, used by thousands...
Malicious npm packages hit Windows dev machines in two-day dependency confusion campaign
Microsoft Threat Intelligence disclosed on May 29, 2026 that a fresh wave of dependency confusion attacks targeting the npm ecosystem leveraged malicious postinstall scripts to conduct reconnaissance...
Microsoft Exposes 14 Typosquatted npm Packages Published in 4 Hours to Steal CI/CD Secrets
A newly created npm maintainer account named vpmdhaj uploaded 14 typosquatted packages in a span of just four hours on May 28, 2026, Microsoft revealed in a security advisory. The rapid-fire campaign...
Axios npm Supply Chain Attack: How Install-Time Malware Compromised Millions of JavaScript Projects
On March 31, 2026, a malicious update to the Axios npm package transformed one of JavaScript's most trusted HTTP clients into a weaponized supply chain threat. The attack didn't require developers to...
Axios npm Supply Chain Attack: How Malicious Versions Delivered RAT via Install Scripts
On March 31, 2026, the JavaScript ecosystem faced one of its most significant supply chain attacks when malicious versions of the axios HTTP client library were published to npm. These compromised...
Axios Maintainer Account Hijacked in Sophisticated Social Engineering Attack
The Axios HTTP client library, downloaded over 50 million times weekly from npm, was compromised when attackers gained control of a maintainer's account through a sophisticated social engineering...