3-ways-how-to-get-free-gems-in-clash-of-clans834 - npm Packa...
Malicious npm package 3-ways-how-to-get-free-gems-in-clash-of-clans834 removed after supply chain attack detected.
Summary
A malicious npm package named 3-ways-how-to-get-free-gems-in-clash-of-clans834 (version 1.0.2) was discovered and removed from the npm registry as part of a supply chain attack. The package, published by user micheal2520, was designed to deceive developers with a benign-sounding name while potentially delivering malicious payloads. Socket's security research flagged the dependency as high-risk before removal.
Full text
New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details → →3-ways-how-to-get-free-gems-in-clash-of-clans8341.0.2 (latest) unpublishedPackage OverviewDependenciesMaintainers1Versions1AlertsFile ExplorerAdvanced toolsLicenseInstall SocketDetect and block malicious and high-risk dependenciesInstall3-ways-how-to-get-free-gems-in-clash-of-clans834 - npm Package File explorerPackage was removedSorry, it seems this package was removed from the registry/
Indicators of Compromise
- malware — 3-ways-how-to-get-free-gems-in-clash-of-clans834