Bleeping Computer

Popular node-ipc npm package compromised to steal credentials

Hackers have injected credential-stealing malware into newly published versions of node-ipc, a popular inter-process communication package, in a new supply chain attack targeting npm. The node-ipc ...
Microsoft

Mini Shai Hulud: Compromised @antv npm packages enable CI/CD credential theft

Hulud payload to steal CI/CD secrets from Linux-based automation environments. The malware executes during npm install and ...
GitHub

stepw66/Clone-website-downloader

--mirror – Makes (among other things) the download recursive.--convert-links – convert all the links (also to stuff like CSS stylesheets) to relative, so it will be suitable for offline ...