npm

nyc-config

nyc-config is identified in the SafeDep analysis "Typosquatt alert ! Malicious npm Package: nyc-config". Possible typosquatting against @istanbuljs/load-nyc-config with ~25M weekly downloads.

discovered 2025-03-13

Threat types

typosquat

Malicious versions

1.0.0

Campaigns

No Specific Campaignattributed-to

Techniques

ttpT1195.001 Supply Chain Compromise: Compromise Software Dependencies and Development Toolsuses
ttpT1059.007 Command and Scripting Interpreter: JavaScriptuses
ttpT1036 Masquerading: package impersonation and typosquattinguses
ttpT1105 Ingress Tool Transferuses

Read the full analysis →