Tag: malicious npm packages
Two Malicious npm Packages Aim to Steal Credentials and Other Secrets
Jeff Burt | | API Keys, CI/CD pipelines, credential theft, Data Exfiltration, exposed secrets, GitHub repositories, maintainer account, malicious npm packages, sonatypeBad actors took over a npm maintainer account and have published two malicious packages designed to steal credentials, API keys, and other secrets from the computers of victims who download them from ...
N. Korean Famous Chollima Hackers Use Malicious npm Packages to Steal Data
Jeff Burt | | Contagious Interview, Famous Chollima, infostealer, linux, macOS, malicious npm packages, Microsoft Windows, Pastebin, remote access trojan (RAT), Socket, software developers, typosquattingA group of more than two dozen malicious npm packages used to steal secrets and credentials from software developers has all the hallmarks – from infrastructure to operations – of Famous Chollima, ...
