> TritonInfoSec News
Home / Jun 30, 2026 / Story
0
#10 The Hacker News general June 29, 2026 at 05:36 UTC

Hijacked npm and Go Packages Use VS Code Tasks to Deploy Python Infostealer

By [email protected] (The Hacker News)

AI Summary

JFrog researchers uncovered two hijacked npm packages and a cluster of Go packages engineered to deliver a Python-based infostealer on Windows, Linux, and macOS by exploiting VS Code task execution rather than npm lifecycle scripts — a technique apparently designed to bypass npm v12's new security hardenings. The attack targets developer environments directly through the software supply chain, making it particularly dangerous for organizations that trust internal build pipelines. Security teams should audit VS Code task configurations and monitor for unexpected Python process spawning in CI/CD environments.

Read full article → https://thehackernews.com/2026/06/hijacked-npm-and…

Relevance score: 76.0/100

# More from June 30

  1. 1
    U.S. offers $10 million for hackers targeting WhatsApp, Signal users BleepingComputer
  2. 2
    Critical SimpleHelp flaw exploited to deploy new stealer malware BleepingComputer
  3. 3
    Hackers now exploit critical Oracle E-Business flaw in attacks BleepingComputer
  4. 4
    Nissan discloses employee data breach linked to Oracle zero-day attacks BleepingComputer
  5. 5
    Microsoft Removes 119 Edge Extensions That Hid Malware in Images and Fonts The Hacker News
  6. 6
    Public PoC Released for Critical libssh2 CVE-2026-55200 Client-Side SSH Flaw The Hacker News
  7. 7
    Mustang Panda Uses Zoho WorkDrive as Command Channel in Indian Government Attacks The Hacker News
  8. 8
    Gamaredon Expands Ukraine Attacks with New Malware and Cloud Service Abuse The Hacker News
  9. 9
    236,000 DCloud Uni-App Sites Used in Crypto Scams, Phishing, and Wallet Drainers The Hacker News