Hundreds of #code #libraries posted to #NPM try to #install #malware on dev machines

source: https://arstechnica.com/security/2024/11/javascript-developers-targeted-by-hundreds-of-malicious-code-libraries/

The malicious packages have names that are similar to legitimate ones for the Puppeteer and Bignum.js code libraries and for various libraries for working with #cryptocurrency.

Dependency hell 👎👿

#software #problem #development #library #dependency #security #cybersecurity #news #cybercrime #attack