Supply Chain Attack Hits Rspack Vant Npm Packages With Monero Miner

Supply Chain Attack Hits Rspack, Vant Npm Packages With Monero Miner

Supply Chain Attack Hits Rspack, Vant Npm Packages With Monero Miner Popular npm packages, rspack and vant, were recently compromised with malicious code. learn about the attack, the impact, and how to protect your projects from similar threats. A massive supply chain attack compromised 18 highly popular npm packages, which collectively received two billion weekly downloads, deploying sophisticated browser based malware designed to steal.

Supply Chain Attack Hits Rspack, Vant Npm Packages With Monero Miner

Supply Chain Attack Hits Rspack, Vant Npm Packages With Monero Miner 20 npm packages with 2b weekly downloads compromised after maintainer phishing led to crypto stealing malware. Supply chain attack infects npm packages with more than 2 billion weekly downloads incident hitting npm users is likely the biggest supply chain attack ever. According to cybersecurity researchers at sonatype, hackers compromised the popular npm packages rspack and vant to deploy a monero miner. A phishing led npm supply chain attack briefly compromised 18 popular packages (~2.6b weekly downloads), injecting code to hijack crypto wallet transactions. malicious versions were live for ~2.5 hours on sept 8, 2025, before removal. learn the impact, affected packages, iocs, and steps to secure builds, dependencies, and developer accounts.

Supply Chain Attack On Rspack Npm Packages Injects Cryptojacking Malware | Cyware Alerts ...

Supply Chain Attack On Rspack Npm Packages Injects Cryptojacking Malware | Cyware Alerts ... According to cybersecurity researchers at sonatype, hackers compromised the popular npm packages rspack and vant to deploy a monero miner. A phishing led npm supply chain attack briefly compromised 18 popular packages (~2.6b weekly downloads), injecting code to hijack crypto wallet transactions. malicious versions were live for ~2.5 hours on sept 8, 2025, before removal. learn the impact, affected packages, iocs, and steps to secure builds, dependencies, and developer accounts. In a supply chain attack, attackers injected malware into npm packages with over 2.6 billion weekly downloads after compromising a maintainer's account in a phishing attack. Both rspack and vant have already addressed the issue, with the former urging users to immediately update to version 1.1.8 or later. vant has also called on users to promptly apply versions 4.9.15 and newer to avert the risk of compromise. Discover how 18 npm packages were compromised in a major supply chain attack. learn what happened, who’s affected, and how to protect your software supply chain. A significant supply chain security breach has been uncovered by cybersecurity researchers at sonatype and socket, affecting three widely used npm packages: @rspack/core, @rspack/cli, and vant.

Npm Packages From Rspack, Vant Compromised, Blocked By Sonatype

Npm Packages From Rspack, Vant Compromised, Blocked By Sonatype In a supply chain attack, attackers injected malware into npm packages with over 2.6 billion weekly downloads after compromising a maintainer's account in a phishing attack. Both rspack and vant have already addressed the issue, with the former urging users to immediately update to version 1.1.8 or later. vant has also called on users to promptly apply versions 4.9.15 and newer to avert the risk of compromise. Discover how 18 npm packages were compromised in a major supply chain attack. learn what happened, who’s affected, and how to protect your software supply chain. A significant supply chain security breach has been uncovered by cybersecurity researchers at sonatype and socket, affecting three widely used npm packages: @rspack/core, @rspack/cli, and vant.

Malicious Rspack, Vant Packages Published Using Stolen NPM Tokens | Vumetric Cyber Portal

Malicious Rspack, Vant Packages Published Using Stolen NPM Tokens | Vumetric Cyber Portal Discover how 18 npm packages were compromised in a major supply chain attack. learn what happened, who’s affected, and how to protect your software supply chain. A significant supply chain security breach has been uncovered by cybersecurity researchers at sonatype and socket, affecting three widely used npm packages: @rspack/core, @rspack/cli, and vant.

Crypto Mining Malware Hits Popular Rspack Npm Packages In Major Supply Chain Breach ...

Crypto Mining Malware Hits Popular Rspack Npm Packages In Major Supply Chain Breach ...

Massive NPM Supply Chain Attack - (September 8th, 2025)