One In Two New Npm Packages Is SEO Spam Right Now
Out of the ~320k new npm packages or versions that Sandworm has scanned over the past week, at least ~185k were labeled as SEO spam. Just in the last hour as of writing this article, 1583 new e-book spam packages have been published.
All the identified spam packages are currently live on npmjs.com.
Here’s a breakdown of the main attacker profiles for the week’s worth of data we’re sampling in this article (22-29 Mar 2023)