Hackers drop 'self-propagating’ malware in fresh supply chain attack

The malicious code creates a 'cascading compromise effect' into dependent ecosystems across npm's registry.

Kiera Fields

Sep 16, 2025 - 3 min read

Image credit: https://unsplash.com/@hdbernd

Get the full story: Subscribe for free

Join peers managing over $100 billion in annual IT spend and subscribe to unlock full access to The Stack’s analysis and events.

Already a member? Sign in

Success! You now have access to additional content.