3 matches found
Rogue npm Package Deploys Open-Source Rootkit in New Supply Chain Attack
A new deceptive package hidden within the npm package registry has been uncovered deploying an open-source rootkit called r77, marking the first time a rogue package has delivered rootkit functionality. The package in question is node-hide-console-windows, which mimics the legitimate npm package...
MAL-2023-7938 Malicious code in node-hide-console-windows (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ffa61f9df29f0ec2845ac6191bc7bcf26ddfd4901abd17d21359a4c5c4cd2a6b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in node-hide-console-windows (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ffa61f9df29f0ec2845ac6191bc7bcf26ddfd4901abd17d21359a4c5c4cd2a6b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...