NPM Security Flaw Exposed by Sophisticated Attackers

A major security flaw in NPM’s Remote Dynamic Dependencies (RDD) feature has allowed attackers to flood the repository with malicious packages. The attack, tracked as PhantomRaven, used this weakness to push packages that were downloaded more than 86,000 times, with 80 of the packages still available on Wednesday morning.

The issue lies in RDD’s ability to automatically pull down and run unvetted packages from untrusted domains. This allows attackers to flood NPM with malicious dependencies that are invisible to developers and to many security scanners. The PhantomRaven attack fetched its dependencies “fresh” from an attacker-controlled server each time a package was installed, rather than having them cached or versioned.
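Because an RDD is declared as a URL in the manifest rather than as a registry version, the manifest itself is the one place a defender can see it before install. The following scanner is an added example, not code from the article, Koi, or the npm project: it walks the dependency fields of a parsed package.json and flags any specifier that resolves outside the registry (http(s) tarball URLs and git remotes), reporting the host it would contact at install time. The sample manifest and its hostnames are constructed for the example.

```javascript
// Added example (not from the original article): flag "remote dynamic
// dependencies" in a package.json, i.e. dependency specifiers that point at
// a URL or git remote instead of a registry version range. Such entries are
// fetched from the named host at install time, so a manifest scan in CI or
// at code review is the earliest point to catch them.

const DEP_FIELDS = [
  "dependencies",
  "devDependencies",
  "optionalDependencies",
  "peerDependencies",
];

// Classify one dependency specifier. Returns null for ordinary registry
// specs (version ranges, tags), otherwise a short label for the remote kind.
function classifySpec(spec) {
  if (typeof spec !== "string") return null;
  if (/^https?:\/\//i.test(spec)) return "remote-tarball-url";
  if (/^(git\+[a-z]+:|git:|github:|gitlab:|bitbucket:)/i.test(spec)) {
    return "git-remote";
  }
  return null;
}

// Best-effort extraction of the host a spec would be fetched from.
function hostOf(spec) {
  try {
    const host = new URL(spec.replace(/^git\+/i, "")).host;
    return host || null; // "github:user/repo" parses with an empty host
  } catch {
    return null;
  }
}

// Walk every dependency field of a parsed manifest and collect findings.
function findRemoteDependencies(manifest) {
  const findings = [];
  for (const field of DEP_FIELDS) {
    const deps = manifest[field];
    if (!deps || typeof deps !== "object") continue;
    for (const [name, spec] of Object.entries(deps)) {
      const kind = classifySpec(spec);
      if (kind) findings.push({ field, name, spec, kind, host: hostOf(spec) });
    }
  }
  return findings;
}

// Convenience wrapper for raw package.json text (e.g. read from disk).
function scanPackageJson(text) {
  return findRemoteDependencies(JSON.parse(text));
}

// Constructed sample manifest: two registry deps, one remote tarball and one
// git remote. The hostnames are placeholders, not real infrastructure.
const SAMPLE_MANIFEST = {
  name: "example-app",
  version: "1.0.0",
  dependencies: {
    lodash: "^4.17.21",
    "helper-lib": "https://packages.example.invalid/helper-lib.tgz",
  },
  devDependencies: {
    eslint: "^9.0.0",
    "build-tool": "git+https://git.example.invalid/tools/build-tool.git",
  },
};

// Stand-alone run: print the findings as JSON.
if (typeof require !== "undefined" && require.main === module) {
  console.log(JSON.stringify(findRemoteDependencies(SAMPLE_MANIFEST), null, 2));
}
```

Run it against a real manifest with `scanPackageJson(fs.readFileSync("package.json", "utf8"))`; any non-empty result is a dependency that a registry-only policy or allowlist should have to approve explicitly. The scan only sees the manifest you feed it, so for full coverage it has to be applied to every package in the resolved tree, not just the top-level project.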

This exposure highlights the growing sophistication of attackers in exploiting blind spots in traditional security tooling. Koi’s Oren Yomtov noted that RDD’s invisibility to static analysis makes it an attractive target for attackers.

Source: https://arstechnica.com/security/2025/10/npm-flooded-with-malicious-packages-downloaded-more-than-86000-times