Nine-Year-Old npm Packages Hijacked to Exfiltrate API Keys via Obfuscated Scripts

Nine-Year-Old npm Packages Hijacked to Exfiltrate API Keys via Obfuscated Scripts

/in

Cybersecurity researchers have discovered several cryptocurrency packages on the npm registry that have been hijacked to siphon sensitive information such as environment variables from compromised systems.
“Some of these packages have lived on npmjs.com for over 9 years, and provide legitimate functionality to blockchain developers,” Sonatype researcher Ax Sharma said. “However, […] the latest

The Hacker News – ​Read More

Iran’s MOIS-Linked APT34 Spies on Allies Iraq & YemenIran’s MOIS-Linked APT34 Spies on Allies Iraq & YemenMozilla Patches Critical Firefox Bug Similar to Chrome’s Recent Zero-Day VulnerabilityMozilla Patches Critical Firefox Bug Similar to Chrome’s Recent Zero-Day ...