package-hijacking
Safeguard articles tagged "package-hijacking" — guides, analysis, and best practices for software supply chain and application security.
4 articles
ua-parser-js npm hijack incident
In 2021, a hijacked npm account pushed cryptomining and password-stealing malware into ua-parser-js for 4 hours. Here's what happened and how to catch it faster.
npm package hijacking via expired maintainer domains
Attackers are hijacking npm packages by buying up maintainers' expired email domains to reset account passwords — here's how it works and how to detect it.
Monitoring Package Maintainer Changes as a Threat Signal
Most package hijacks start with a maintainer change nobody was watching. Registry metadata makes these events observable — if you bother to look.
npm Package ua-parser-js Compromised: 8 Million Weekly Downloads Weaponized
Attackers hijacked the ua-parser-js npm package account and published malicious versions containing cryptominers and password stealers. The package gets 8 million downloads per week.