Breach404
Back to Insights
Secure Software2 min readJuly 14, 2026

148 npm Packages Disguised as Student Proxies Turned Browsers Into a DDoS Botnet

Attackers published 148 malicious npm packages disguised as student proxy tools that, when installed, turned users' browsers into a distributed denial-of-service botnet without their knowledge. Organizations should audit their npm dependencies immediately

Could your website be vulnerable to attacks like this?

Run a free 10-point security scan on your site — headers, SSL, DNS, and more. Results in 15 seconds.

Test Your Site Now — It's Free