Hundreds of malicious code packages target developers on NPM repository

arstechnica.com

Researchers have identified a new wave of attacks on the NPM repository in which hundreds of malicious code packages have been uploaded. The packages mimic legitimate libraries and target developers who use tools such as Puppeteer and Bignum.js. Rather than hardcoding the IP addresses of their servers, the packages retrieve them from an Ethereum smart contract, which complicates detection and takedown efforts. This follows a recent attack that targeted developers using Ethers.js forks. Security experts emphasize that supply chain attacks remain a significant threat to the software development community.
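As an added defender-side example (not code from the article or from the researchers it cites), the check below flags a parsed npm package that combines the three traits the summary describes: a name resembling puppeteer or bignum, a hook that runs code at install time, and Ethereum RPC or library usage in its sources. The package names, indicator patterns and the two sample packages are assumptions constructed for illustration.

```python
import re
from difflib import SequenceMatcher

# Libraries the reported campaign impersonated (npm names assumed from the summary).
IMPERSONATED = ["puppeteer", "bignum"]
INSTALL_HOOKS = ("preinstall", "install", "postinstall")
# Source-level signs that a package resolves something via Ethereum at runtime;
# a browser-automation or big-number library has no reason to do this.
ETH_INDICATORS = [
    r"\beth_call\b",
    r"require\(['\"](ethers|web3)['\"]\)",
    r"from\s+['\"](ethers|web3)['\"]",
]

def lookalike_of(name, threshold=0.8):
    """Return the impersonated package `name` most resembles without matching it exactly."""
    best, best_ratio = None, 0.0
    for target in IMPERSONATED:
        ratio = SequenceMatcher(None, name.lower(), target).ratio()
        if name.lower() != target and ratio >= threshold and ratio > best_ratio:
            best, best_ratio = target, ratio
    return best

def assess_package(pkg):
    """pkg: {'name': str, 'scripts': {hook: cmd}, 'files': {path: source}} (a parsed package).
    Returns a list of human-readable findings; an empty list means nothing matched."""
    findings = []
    target = lookalike_of(pkg["name"])
    if target:
        findings.append(f"name '{pkg['name']}' resembles '{target}'")
    hooks = [h for h in INSTALL_HOOKS if h in pkg.get("scripts", {})]
    if hooks:
        findings.append("runs code at install time via " + ", ".join(hooks))
    for path, source in pkg.get("files", {}).items():
        if any(re.search(p, source) for p in ETH_INDICATORS):
            findings.append(f"Ethereum RPC/library use in {path}")
    return findings

# Constructed sample packages (not real artifacts from the campaign).
SUSPICIOUS_PKG = {
    "name": "pupeteer",
    "scripts": {"postinstall": "node setup.js"},
    "files": {"setup.js": 'const { ethers } = require("ethers");\n'
                          '// constructed: reads a server address from a contract\n'},
}
BENIGN_PKG = {"name": "left-pad", "scripts": {"test": "node test.js"},
              "files": {"index.js": "module.exports = (s, n) => s.padStart(n);\n"}}

if __name__ == "__main__":
    for pkg in (SUSPICIOUS_PKG, BENIGN_PKG):
        print(pkg["name"], "->", assess_package(pkg) or ["no findings"])
```

The name check uses plain string similarity, so it catches typosquats but not packages that are simply named after an unrelated library; the install-hook and Ethereum indicators are what separate the reported pattern from ordinary lookalikes.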


