{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreiamtoezogfcdlq4e5f3lzk6it2kyxjtdvdiqdmld77hifdoyb55ii",
    "uri": "at://did:plc:6wtxqaikjf62unmnajbfbq5v/app.bsky.feed.post/3mm7tqcgxqeh2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreigvoyy6cgvcfo3yrpvvbdaq2awvfa5eqlrhkw4ojk7xmfbgvgbfsa"
    },
    "mimeType": "image/webp",
    "size": 32178
  },
  "path": "/malicious-node-ipc-npm-versions-expose-developer-secrets-in-supply-chain-attack/",
  "publishedAt": "2026-05-19T14:38:56.000Z",
  "site": "https://vpncentral.com",
  "tags": [
    "News",
    "Malicious node-ipc npm versions expose developer secrets in supply chain attack",
    "VPN Central"
  ],
  "textContent": "Three newly published versions of the popular node-ipc npm package were compromised with credential-stealing malware, creating risk for developers, CI/CD systems, and cloud environments that installed them. The affected versions are node-ipc 9.1.6, 9.2.3, and 12.0.1. Security researchers at Socket, StepSecurity, Snyk, and SafeDep identified the versions as malicious after they appeared on npm on […]\n\nThe post Malicious node-ipc npm versions expose developer secrets in supply chain attack appeared first on VPN Central.",
  "title": "Malicious node-ipc npm versions expose developer secrets in supply chain attack"
}