Supply Chain Attack Targets Rspack and Vant NPM Packages with Monero Miner
On December 20, 2024, a series of cyberattacks targeting prominent npm packages, including @rspack/core and @rspack/cli, raised significant concerns within the software development community. Attackers exploited a compromised npm token to inject malicious code into the updates of these widely-used packages, which are integral to numerous JavaScript applications globally. This…