Platform
The most comprehensive AI-powered DevSecOps Platform
Explore our Platform
GitLab Duo (AI)
Build software faster with AI at every stage of development
Meet GitLab Duo
Why GitLab
10 reasons why Enterprises choose GitLab
Learn more
Get started with
Automation
CI/CD
AI-Assisted Development
Source Code Management
Automated Software Delivery
Security
Application Security Testing
Software Supply Chain Security
Software Compliance
Measurement
Visibility & Measurement
Value Stream Management
Analytics & Insights
View all Solutions
GitLab for
Pricing
Getting started
Install
Quick start guides
Learn
Product documentation
Best practice videos
Integrations
Discover
Customer success stories
Blog
Remote
Connect
GitLab Services
Community
Forum
Events
Partners
View all resources
Insights for the future of software development
About
Jobs
Events
Leadership
Team
Handbook
Investor relations
Trust Center
AI Transparency Center
Newsletter
Press
Talk to sales
Support portal
Customer portal

To search repositories and projects, login to gitlab.com.

Suggestions

GitLab Duo (AI)Code Suggestions (AI)CI/CD GitLab on AWS GitLab on Google Cloud Why GitLab?

Join GitLab Transcend on Feb 10 to learn how agentic AI transforms software delivery

GitLab discovers widespread npm supply chain attack

Published on: November 24, 2025

9 min read

GitLab discovers widespread npm supply chain attack

Malware driving attack includes "dead man's switch" that can harm user data.