Flutterby™! : Another day, another list of npm package exploits

Next unread comment / Catchup all unread comments User Account Info | Logout | XML/Pilot/etc versions | Long version (with comments) | Weblog archives | Site Map | | Browse Topics

Another day, another list of npm package exploits

2025-05-24 00:46:29.203573+02 by Dan Lyke 0 comments

60 Malicious npm Packages Leak Network and Host Data in Active Malware Campaign

Socket’s Threat Research Team has uncovered 60 npm packages using post-install scripts to silently exfiltrate hostnames, IP addresses, DNS servers, and user directories to a Discord-controlled endpoint.

Via Bleeping Computer

[ related topics: Weblogs broadband Current Events ]

comments in ascending chronological order (reverse):