malware npm
supabase-javascript
discovered 2026-05-13supabase-javascript is identified in the SafeDep analysis "Malicious npm Packages Backdoor Claude Code Sessions". >-
Threat types
rat persistence
Malicious versions
- 2.98.3
Campaigns
Indicators
Techniques
- ttp T1195.001 Supply Chain Compromise: Compromise Software Dependencies and Development Toolsuses
- ttp T1059.007 Command and Scripting Interpreter: JavaScriptuses
- ttp T1539 Steal Web Session Cookieuses
- ttp T1105 Ingress Tool Transferuses
- ttp T1071.001 Application Layer Protocol: Web Protocolsuses
- ttp T1102 Web Serviceuses
- ttp T1546 Event Triggered Executionuses
