<![CDATA[Looks like we have another #supplychain attack underway, this time facing #SAP-related NPM packages.]]>Looks like we have another attack underway, this time facing -related NPM packages.

Link Preview Image
SAP npm Packages targeted with Credential-stealing Malware

So far, four SAP-related npm packages have been compromised where the preinstall scripts inject malicious preinstall hooks that bootstrap the Bun JavaScript runtime and executes an obfuscated credential stealer payload (…

favicon

IFIN (discourse.ifin.network)

]]>https://board.circlewithadot.net/topic/206a9507-ae4f-412a-82ee-e59095d29aea/looks-like-we-have-another-supplychain-attack-underway-this-time-facing-sap-related-npm-packages.RSS for NodeThu, 30 Apr 2026 14:30:20 GMTWed, 29 Apr 2026 16:25:36 GMT60