Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware

thehackernews.com·May 18, 2026

Cybersecurity researchers have identified four new npm packages containing information-stealing malware, including a clone of the Shai-Hulud worm, with the most notable being chalk-tempalte, which has 825 downloads.

Given the discovery of malicious npm packages, including a clone of the Shai-Hulud worm, it's crucial for cybersecurity professionals to enhance their threat intelligence and monitoring of open-source library dependencies. Specifically, integrating automated tools to detect and block known malicious packages like "chalk-tempalte" and others in your software supply chain could mitigate risks associated with information-stealing malware.

Want more content like this?

twixb tracks your favorite blogs and social media, filters by keywords, and delivers personalized key learnings — straight to your inbox.

Create Your Own →Explore Newsfeeds

More from Cybersecurity News

Recent stories curated alongside this one.

Browse all Cybersecurity News →

Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware

Want more content like this?

More from Cybersecurity News

Microsoft shares mitigation for YellowKey Windows zero-day

Risky Business #838 -- GitHub investigates possible breach

Risky Bulletin: Microsoft takes down crime SaaS used by ransomware gangs

Verizon DBIR 2026: Vulnerability Exploitation Overtakes Credential Theft as Top Breach Vector

Max-severity flaw in ChromaDB for AI apps allows server hijacking