Skip to content
The Nexus
DossierENTITY

npm registry

Coverage of npm registry in the Nexus archive.

Earliest in view: Apr 23 · 19:21 UTCMost recent: May 27 · 15:44 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYMay 27 · 15:44 UTCTHE HACKER NEWS
    Malicious npm Package Stole Files From Claude AI User Directory via GitHub

    A malicious npm package named 'mouse5212-super-formatter' was discovered to steal files from Anthropic's Claude AI user directory. Cybersecurity researchers from OX Security identified the package's ability to upload files from a specific directory used by Claude AI, highlighting a security risk for users of the AI tool.

  • SECURITYApr 23 · 19:21 UTCBLEEPING COMPUTER
    Bitwarden CLI npm package compromised to steal developer credentials

    The Bitwarden CLI was compromised when attackers uploaded a malicious @bitwarden/cli package to npm, containing a credential-stealing payload designed to spread to other projects. The incident highlights vulnerabilities in package registries and the risks of supply chain attacks.

npm registry · Dossier · The Nexus