npm Archives

‘Mini Shai-Hulud’ malware compromises hundreds of open-source packages in sprawling supply-chain attack

The campaign hit major registries and hid behind legitimate-looking release signatures, showing how attackers can weaponize the software update process itself.

May 12, 2026 By Greg Otto

Binary code depicted in waves. (iStock/Getty Images)

Shai-Hulud worm returns stronger and more automated than ever before

Self-replicating malware has infected almost 500 open-source packages, exposing more than 26,000 GitHub repositories in less than 24 hours.

Nov 24, 2025 By Matt Kapko

APT33 changed their code after a report in March. (Getty)

When ‘minimal impact’ isn’t reassuring: lessons from the largest npm supply chain compromise

Commentary that downplays the compromise’s impact misses the point, the co-founder of Sonatype argues.

Sep 15, 2025 By Brian Fox

The npm incident frightened everyone, but ended up being nothing to fret about

Disaster was averted after widely used open-source packages were compromised via social engineering.

Sep 10, 2025 By Matt Kapko

In this picture taken near the truce village of Panmunjom inside the demilitarized zone (DMZ) separating the two Koreas, a bird flies near a North Korean flag fluttering in the wind at the propaganda village of Gijungdong in North Korea on October 4, 2022. (Photo by ANTHONY WALLACE/AFP via Getty Images)

Lazarus Group deceives developers with 6 new malicious npm packages

Socket researchers said the malware-ridden packages were collectively downloaded over 330 times. GitHub removed all of the malicious packages Wednesday.

Mar 12, 2025 By Matt Kapko