> TritonInfoSec News
Home / May 15, 2026 / Story
0
#9 The Hacker News general May 14, 2026 at 17:22 UTC

Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets

By [email protected] (The Hacker News)

AI Summary

Three versions of the widely used npm package node-ipc (9.1.6, 9.2.3, and 12.0.1) were confirmed malicious by Socket and StepSecurity, containing a stealer backdoor designed to exfiltrate developer secrets. The compromise of node-ipc — a package with broad ecosystem dependencies — represents a high-impact supply chain attack vector targeting CI/CD pipelines and developer workstations.

Read full article → https://thehackernews.com/2026/05/stealer-backdoor…

Relevance score: 77.0/100

# More from May 15

  1. 1
    Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks BleepingComputer
  2. 2
    OpenAI confirms security breach in TanStack supply chain attack BleepingComputer
  3. 3
    18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE The Hacker News
  4. 4
    Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026 BleepingComputer
  5. 5
    Major tech manufacturer Foxconn confirms cyberattack hit North American factories CyberScoop
  6. 6
    New Fragnesia Linux flaw lets attackers gain root privileges BleepingComputer
  7. 7
    Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation The Hacker News
  8. 8
    Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike The Hacker News
  9. 10
    Microsoft's MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday The Hacker News