Malicious NPM Libraries Caught Installing Password Stealer and Ransomware

Discussion in 'News Aggregator' started by Ravie Lakshmanan, 28 Oct 2021.

  1. Malicious actors have yet again published two more typosquatted libraries to the official NPM repository that mimic a legitimate package from Roblox, the game company, with the goal of distributing stealing credentials, installing remote access trojans, and infecting the compromised systems with ransomware. The bogus packages — named "noblox.js-proxy" and "noblox.js-proxies" — were found to[​IMG]

    Continue reading...
     

Share This Page

Loading...