Sabotage: Code added to popular NPM package wiped files in Russia and Belarus Logo

Sabotage: Code added to popular NPM package wiped files in Russia and Belarus

0
Free
Updated 11 March 2025
Malware Analysis
Appsec
Bug Bounty
Open Source
Security Vulnerability
Software Security
Visit Website

A developer has been caught adding malicious code to a popular open-source package that wiped files on computers located in Russia and Belarus as part of a protest that has enraged many users and raised concerns about the safety of free and open source software. The application, node-ipc, adds remote interprocess communication and neural networking capabilities to other open source code libraries. As a dependency, node-ipc is automatically downloaded and incorporated into other libraries, including ones like Vue.js CLI, which has more than 1 million weekly downloads. A deliberate and dangerous act Two weeks ago, the node-ipc author pushed a new version of the library that sabotaged computers in Russia and Belarus, the countries invading Ukraine and pro

FEATURES

EXPLORE BY TAGS

Appsec

Bug Bounty

Open Source

Security Vulnerability

Software Security

SIMILAR TOOLS

YARA Silly Silly Logo
YARA Silly Silly

A semi-automatic tool to generate YARA rules from virus samples.

Free
Malware Analysis
Pylibemu Logo
Pylibemu

Python wrapper for the Libemu library for analyzing shellcode.

Free
Malware Analysis
Enjarify Logo
Enjarify

A tool for translating Dalvik bytecode to equivalent Java bytecode, allowing Java analysis tools to analyze Android applications.

Free
Malware Analysis
jwt-heartbreaker Logo
jwt-heartbreaker

A Burp extension to check JWT tokens for potential weaknesses

Free
Malware Analysis
Viper Framework Logo
Viper Framework

Binary analysis and management framework for organizing malware and exploit samples.

Free
Malware Analysis
xssor2 Logo
xssor2

A tool for testing and exploiting Cross-Site Scripting (XSS) vulnerabilities.

Free
Malware Analysis
Xss-Sql-Fuzz Logo
Xss-Sql-Fuzz

A Burp Suite plugin for automatically adding XSS and SQL payload to fuzz

Free
Malware Analysis
yextend Logo
yextend

A tool designed to handle archive file data and augment Yara's capabilities.

Free
Malware Analysis
CLR Anti-Debugger/Profiler Code Logo
CLR Anti-Debugger/Profiler Code

Code to prevent a managed .NET debugger/profiler from working.

Free
Malware Analysis

PINNED

Mandos Logo

Mandos

Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Consulting
Checkmarx SCA Logo

Checkmarx SCA

A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Application Security
Orca Security Logo

Orca Security

A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

Cloud Security
DryRun Logo

DryRun

A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Application Security
CyberSecTools logoCyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Operated by:

Mandos Cyber • KVK: 97994448

Netherlands • contact@mandos.io

VAT: NL005301434B12

Copyright © 2025 - All rights reserved

LINKS
BlogContact
LEGAL
Terms of servicesPrivacy policy