Last Updated On 19 Oct, 2025
Our research team found 3 malicious MCP servers with a total of 1.6K downloads, all containing the exact same payload: a reverse shell to a hardcoded address.
Our team found a package exhibiting malware-like behaviour that may pose a threat to organizational security. Although the package advertised some of its capabilities up front, we found it suspicious and investigated further. This report details its persistence mechanisms, network reconnaissance capabilities, and the multiple deployment vectors that appear across the package's successive versions.
The JFrog Security Research team found that the critical CVE-2025-53101 has additional, more concerning vulnerable commands in the package that had not been published.
Within the past day, a novel and sophisticated supply chain attack has targeted npm users through the compromise of the popular Nx build system.
While the initial report identified eslint-config-prettier versions 8.10.1, 9.1.1, 10.1.6, and 10.1.7 as affected, our analysis confirms that version 10.1.6 is SAFE.
Amazon Q VS Code extension v1.84.0 was compromised with a malicious commit that could trigger destructive AI-generated commands.
Attackers are hiding malware inside PyTorch models in PyPI packages mimicking Alibaba’s Aliyun. Once installed, the payload exfiltrates system data, highlighting the growing risk of malicious AI in developer tools.