A popular npm package called node-ipc has been compromised, with hackers publishing malicious versions that bundle credential stealing malware. The root cause of the compromise was an expired domain name that attackers managed to register in order to hijack a maintainer’s account.
The node-ipc package has had malware added to its code in the past. In March 2022, following Russia’s invasion of Ukraine, the project’s creator intentionally added malicious code to the program to wipe files on systems with Russian or Belarusian IP addresses.
Node-ipc is a Node.js module that implements support for local and remote Inter-Process Communication over various types of socket across all major platforms...