Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
Malware found in NPM packages with 1 million weekly downloads
Threat Intel & Info Sharing
June 09, 2025
bleepingcomputer
A major supply chain attack has compromised 16 popular Gluestack 'react-native-aria' packages on NPM, affecting nearly 960,000 weekly downloads. The attack involves the injection of obfuscated remote access trojan (RAT) code.
Read More
NPM Supply Chain Attack
Gluestack
React Native Aria
Remote Access Trojan
JavaScript Security
Publisher
Previous
Over 20 Malicious Apps on Google Play Target Users for ...
Malware and Vulnerabilities
Next
Critical Path Traversal and RCE Vulnerabilities Patched ...
Malware and Vulnerabilities
/https://cyware-ent.s3.amazonaws.com/image_bank/bc0f_shutterstock_1402323479.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/c8e4_shutterstock_2550174839.jpg)
