Hidden Backdoors in npm Packages Let Attackers Wipe Entire Systems

June 11, 2025 invoker category_news

Security Update News

Update Information

Title Hidden Backdoors in npm Packages Let Attackers Wipe Entire Systems
Update ID HACKREAD:10D37A79E1C6CFE89E9E0FF76854874D
Type hackread
Published 2025-06-09T19:13:12
Last Updated 2025-06-09T19:13:12

Security Impact

CVSS Score 0.0
Severity NONE
Attack Vector

Affected CVEs

Update Details

Malicious npm packages found with hidden endpoints that wipe systems on command. Devs warned to check dependencies for express-api-sync, system-health-sync-api.

View Advisory Details

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.