CIRCLE WITH A DOT

Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

securestep9@infosec.exchange

@securestep9@infosec.exchange

Topics

S

#npm: TanStack npm packages (84 in total) compromised in a supply chain hack utilising a malicious payload designed to destroy files on developer machines if a stolen GitHub token is revoked ("dead-man's swithch"):#SoftwareSupplyChainSecurity👇
Watching Ignoring Scheduled Pinned Locked Moved Uncategorized npm softwaresupplyc
1

0 Votes

1 Posts

0 Views

S

#npm: TanStack npm packages (84 in total) compromised in a supply chain hack utilising a malicious payload designed to destroy files on developer machines if a stolen GitHub token is revoked ("dead-man's swithch"):#SoftwareSupplyChainSecurityhttps://snyk.io/blog/tanstack-npm-packages-compromised/
S

#vm2 NodeJS Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution - patch now
Watching Ignoring Scheduled Pinned Locked Moved Uncategorized vm2 npm
1

0 Votes

1 Posts

0 Views

S

#vm2 NodeJS Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution - patch now!Vm2 is used by 900+ #NPM packages:https://thehackernews.com/2026/05/vm2-nodejs-library-vulnerabilities.html

CIRCLE WITH A DOT

securestep9@infosec.exchange

Topics

#npm: TanStack npm packages (84 in total) compromised in a supply chain hack utilising a malicious payload designed to destroy files on developer machines if a stolen GitHub token is revoked ("dead-man's swithch"):#SoftwareSupplyChainSecurity👇

#vm2 NodeJS Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution - patch now