New Supply Chain Malware Operation Hits npm and PyPI Ecosystems, Targeting Millions Globally
Description

Cybersecurity researchers have flagged a supply chain attack targeting over a dozen packages associated with GlueStack to deliver malware. The malware, introduced via a change to "lib/commonjs/index.js," allows an attacker to run shell commands, take screenshots, and upload files to infected machines, Aikido Security told The Hacker News, stating that these packages collectively account for nearly 1 million weekly downloads. The unauthorized access could then be used to perform various follow-on actions like mining cryptocurrency, stealing sensitive information, and even shutting down services.

Aikido said the first package compromise was detected on June 6, 2025, at 9:33 p.m. GMT. The list of the impacted packages and the affected versions is below:

- @gluestack-ui/utils version 0.1.16 (101 Downloads)
- @gluestack-ui/utils version 0.1.17 (176 Downloads)
- @react-native-aria/button version 0.2.11 (174 Downloads)
- @react-native-aria/checkbox version 0.2.11 (577 Downloads)
- @react-native-aria/combobox version 0.2.8 (167 Downloads)
- @react-native-aria/disclosure version 0.2.9 (N/A)
- @react-native-aria/focus version 0.2.10 (951 Downloads)
- @react-native-aria/interactions version 0.2.17 (420 Downloads)
- @react-native-aria/listbox version 0.2.10 (171 Downloads)
- @react-native-aria/menu version 0.2.16 (54 Downloads)
- @react-native-aria/overlay version 0.3.16 (751 Downloads)
- @react-native-aria/radio version 0.2.14 (570 Downloads)
- @react-native-aria/slider version 0.2.13 (264 Downloads)
- …
