Supply Chain Incident

node-ipc peacenotwar protestware release

The node-ipc npm package included protestware behavior that modified files for users in certain geographies, creating downstream integrity and availability risk.

ConfidenceHigh

Evidence LevelResearcher

Attack StagePackage Publish

Source Artifact DivergenceNo

Affected Packages

node-ipc
peacenotwar

Affected Releases

No structured records.

Repositories

RIAEvangelist/node-ipc

Organizations

No structured records.

Maintainers

RIAEvangelist

Threat Actors

No structured records.

Campaigns

No structured records.

Build Systems

No structured records.

Distribution Channels

npm registry

Compromised Accounts

No structured records.

Connected Entities

node-ipc Package
npm registry Distribution Channel
peacenotwar Package
RIAEvangelist Maintainer
RIAEvangelist/node-ipc Repository

References

Peacenotwar malicious npm node-ipc package vulnerability Snyk · 2022-03-16