A sophisticated supply chain attack targeting developers emerged on Friday, July 18, 2025, when cybercriminals compromised several popular npm packages, including the widely used eslint-config-prettier package.
The attack, dubbed "Scavenger" by security researchers due to multiple references to "SCVNGR" strings in the malware variants,...