Skip to content
The Nexus
DossierENTITY

StepSecurity

Coverage of StepSecurity in the Nexus archive.

Earliest in view: Apr 22 · 17:33 UTCMost recent: Jun 17 · 07:38 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYJun 17 · 07:38 UTCTHE HACKER NEWS
    144 Mastra npm Packages Compromised via Hijacked Contributor Account

    144 npm packages under the Mastra namespace (@mastra/*) were compromised in a supply chain attack named easy-day-js. A single npm account (ehindero) was used to mass-publish malicious packages, according to findings from JFrog, SafeDep, Socket, and StepSecurity.

  • SECURITYMay 14 · 17:22 UTCTHE HACKER NEWS
    Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets

    Cybersecurity researchers found malicious activity in three versions of node-ipc, specifically [email protected], [email protected], and [email protected], which target developer secrets. The affected npm packages are part of the node-ipc library. This discovery raises concerns about the security of developer tools.

  • SECURITYMay 12 · 12:00 UTCTHE REGISTER
    Cache-poisoning caper turns TanStack npm packages toxic

    An attacker published 84 malicious versions of TanStack npm packages, leading to credential theft and disk wipe, as part of a wave of attacks across npm and PyPI. The attack was detected within 30 minutes by StepSecurity, triggering incident response and npm deprecation. GitHub has published a security advisory with recommended actions.

  • SECURITYApr 30 · 16:31 UTCTHE HACKER NEWS
    PyTorch Lightning Compromised in PyPI Supply Chain Attack to Steal Credentials

    Threat actors compromised the PyTorch Lightning Python package, publishing malicious versions 2.6.2 and 2.6.3 on April 30, 2026, to steal credentials. Security firms Aikido Security, Socket, and StepSecurity reported the attack, which is part of an ongoing supply chain campaign.

  • SECURITYApr 29 · 16:26 UTCTHE HACKER NEWS
    SAP npm Packages Compromised by “Mini Shai-Hulud” Credential-Stealing Malware

    Cybersecurity researchers have identified a supply chain attack campaign targeting SAP-related npm packages with the 'Mini Shai-Hulud' credential-stealing malware. Multiple security firms, including Aikido Security, SafeDep, Socket, StepSecurity, and Wiz, reported the compromise affecting SAP's JavaScript and cloud application packages.

  • SECURITYApr 22 · 17:33 UTCTHE HACKER NEWS
    Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens

    Cybersecurity researchers have identified compromised npm packages delivering a self-propagating worm that steals developer tokens to spread through supply chains. The worm, named CanisterSprawl by Socket and StepSecurity, uses an ICP canister to exfiltrate stolen data.

StepSecurity · Dossier · The Nexus