A self-replicating worm has been quietly spreading across the npm registry using a method most security teams do not watch for. Instead of hiding inside package.json scripts, the attacker weaponized a tiny configuration file called binding.gyp to trigger malicious code the moment a developer runs npm install. The campaign hit dozens of packages across multiple […]
The post binding.gyp Supply Chain Attack Compromises Dozens of npm Packages Across Maintainer Accounts appeared first on Cyber Security News.