GIGAZINE

Fake Bun runtime infects over 1,000 NPM packages and 27,000 Github repositories with malware in just a few hours

On November 24, 2025, local time, HelixGuard, an open-source security research lab that conducts research on supply chain malware and vulnerabilities, discovered that over 1,000 components in the NPM ...