8 matches found
Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems
Cybersecurity researchers have uncovered three malicious packages in the npm registry that masquerade as a popular Telegram bot library but harbor SSH backdoors and data exfiltration capabilities. The packages in question are listed below - node-telegram-utils 132 downloads node-telegram-bots-api...
Malicious code in jsonwebtoken-js (npm)
This package is a starjacking attack which bundles a cryptostealing payload. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9a67accf60cbc8a078a152decc08231110bf5a933476b286672b5cf53d042e35 Any computer that has this package installed or running should be considered...
MAL-2024-11215 Malicious code in crypto-chalk (npm)
This package is a starjacking attack which bundles a cryptostealing payload. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c8183583924c5f6f8fc0ab3f242d354d5ee91cf77816175d98f546ef2e631f8e Any computer that has this package installed or running should be considered...
Malicious code in keccak-crypto (npm)
This package is a starjacking attack which bundles a cryptostealing payload. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ded491472e4703368974a54f37663b29332b6a969e3e8fa8ccefec26d5b4c8a0 Any computer that has this package installed or running should be considered...
MAL-2024-11216 Malicious code in jsonwebtoken-js (npm)
This package is a starjacking attack which bundles a cryptostealing payload. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9a67accf60cbc8a078a152decc08231110bf5a933476b286672b5cf53d042e35 Any computer that has this package installed or running should be considered...
Malicious code in crypto-chalk (npm)
This package is a starjacking attack which bundles a cryptostealing payload. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c8183583924c5f6f8fc0ab3f242d354d5ee91cf77816175d98f546ef2e631f8e Any computer that has this package installed or running should be considered...
Malicious npm Packages Mimicking 'noblox.js' Compromise Roblox Developers' Systems
Roblox developers are the target of a persistent campaign that seeks to compromise systems through bogus npm packages, once again underscoring how threat actors continue to exploit the trust in the open-source ecosystem to deliver malware. "By mimicking the popular 'noblox.js' library, attackers...
W4SP Stealer Constantly Targeting Python Developers in Ongoing Supply Chain Attack
An ongoing supply chain attack has been leveraging malicious Python packages to distribute malware called W4SP Stealer, with over hundreds of victims ensnared to date. "The threat actor is still active and is releasing more malicious packages," Checkmarx researcher Jossef Harush said in a technic...