#wrapper *:not(#noScriptAlert) { opacity: 0.75; } #noScriptAlert { display: block; }

Please turn on your JavaScript for this page to function normally.

Acumen Cyber

npm

Fake npm 2FA reset email led to compromise of popular code packages

September 9, 2025

Malicious versions of at least 18 widely used npm packages were uploaded to the npm Registry on Monday, following the compromise of their maintainer’s account. …

Featured news

Resources

Don't miss

Cybersecurity news

HNS Daily

Daily newsletter sent Monday-Friday

HNS Newsletter

Weekly newsletter sent on Mondays

InSecure Newsletter

Editor's choice newsletter sent twice a month

Breaking news

Periodical newsletter released when there is breaking news

Cybersecurity jobs

Weekly newsletter listing new cybersecurity job positions

Open source

Monthly newsletter focusing on open source cybersecurity tools

I have read and agree to the terms & conditions