2 matches found
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential stealer worm. A malicious actor managed to extract a GitHub Actions OIDC token from the runner process and publish tampered versions of 42 @tanstack/ packages to npm, which then spread ...
Sophisticated 'TajMahal APT Framework' Remained Undetected for 5 Years
Cybersecurity researchers yesterday unveiled the existence of a highly sophisticated spyware framework that has been in operation for at least last 5 years—but remained undetected until recently. DubbedTajMahal by researchers at Kaspersky Lab, the APT framework is a high-tech modular-based malwar...