16:56
2026-05-14
safedep.io
ai-tools
Compromised node-ipc on npm: Credential Stealer via DNS Exfiltration
Three versions of the widely used npm package node-ipc (9.1.6, 9.2.3, and 12.0.1) were compromised on May 14, 2026, after an attacker took over the co-maintainer account "atiertant" and published maliβ¦