Security

NPM package ‘is’ with 2.8M weekly downloads infected devs with malware

Posted on July 23, 2025 by Onsite Computing, Inc.

The popular NPM package ‘is’ has been compromised in a supply chain attack that injected backdoor malware, giving attackers full access to compromised devices. […]

Go to Source
Author: Bill Toulas

Onsite Computing, Inc.

This site uses cookies to offer you a better browsing experience. By browsing this website, you agree to our use of cookies.

More info