Sam Stepanyan  🐘
#Rspack: a popular alternative to webpack - a JavaScript bundler written in Rust - #npm package with 300,000+ downloads/week version 1.1.7 compromised with attackers injecting cryptocurrency mining malware:
#SoftwareSupplyChainSecurity
👇
https://thehackernews.com/2024/12/rspack-npm-packages-compromised-with.html
Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack

Compromised Rspack npm packages exposed 445,000 users weekly to IP tracking and XMRig malware.

The Hacker News
Dec 20, 2024 at 11:05amWeb