node-gyp

mentions 1 type Organization feed RSS

// recent coverage 1 mentions

13:25

2026-06-09

aikido.dev

ai-safety

Wait, binding.gyp Can Do What? Exploring npm's Weirdest Build System

A new variant of the Miasma worm has been discovered exploiting npm's binding.gyp build file to execute malicious code during package installation, bypassing traditional package.json script audits. Th…

// co-occurs with top 7 entities

npm 1 Red Hat 1 GYP 1 Miasma 1 PyPI 1 GitHub 1 Node.js 1