2 matches found
Malicious npm Packages Mimicking 'noblox.js' Compromise Roblox Developers' Systems
Roblox developers are the target of a persistent campaign that seeks to compromise systems through bogus npm packages, once again underscoring how threat actors continue to exploit the trust in the open-source ecosystem to deliver malware. "By mimicking the popular 'noblox.js' library, attackers...
Over a Dozen Malicious npm Packages Target Roblox Game Developers
More than a dozen malicious packages have been discovered on the npm package repository since the start of August 2023 with capabilities to deploy an open-source information stealer called Luna Token Grabber on systems belonging to Roblox developers. The ongoing campaign, first detected on August...