2 matches found
Hijacked npm and Go Packages Use VS Code Tasks to Deploy Python Infostealer
Cybersecurity researchers have uncovered two hijacked npm packages and a cluster of Go packages that are designed to deploy a Python-based information stealer on compromised Windows, Linux, and macOS hosts. "This attack avoids the most common npm execution paths through lifecycle scripts, perhaps...
Android Malware Bypasses 2FA And Targets Telegram, Gmail Passwords
Researchers have uncovered a threat group launching surveillance campaigns that target victims’ personal device data, browser credentials and Telegram messaging application files. One notable tool in the group’s arsenal is an Android malware that collects all two-factor authentication 2FA securit...