Black & White Path

May 16, 2026 · Information Security

Node‑ipc Hit Again: Inside the Second Wave of npm Supply‑Chain Attacks

On May 14, 2026, security teams uncovered three malicious node‑ipc npm releases that used a Lily‑Pad account‑hijack technique to inject an 80 KB obfuscated payload, exfiltrate credentials via DNS TXT tunneling, and prompt immediate version audits and credential rotation.