Timeline

Phantom Gyp

Phantom Gyp is a supply-chain attack variant observed on 3 June 2026 that weaponises the binding.gyp native-build configuration file to execute malicious code during npm install via Node's native compiler, evading preinstall and postinstall hook monitors.

1 of 1 entries (1 events, 0 interactions)

Filters

EventsMentionsInteractions

#73 Jun

Executed malicious code via Node's native build compiler step, evading npm hook monitors

Cybersecurity: Threats and Defences: Attack worm kit now open-sourced freely

← Back to Phantom Gyp