Malicious NPM Libraries Caught Installing Password Stealer and Ransomware

2021-10-28 00:05

Malicious actors have yet again published two more typosquatted libraries to the official NPM repository that mimic a legitimate package from Roblox, the game company, with the goal of distributing stealing credentials, installing remote access trojans, and infecting the compromised systems with ransomware. The bogus packages — named "noblox.js-proxy" and "noblox.js-proxies" — were found to

News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/q0WhleZjkjo/malicious-npm-libraries-caught.html

#libraries #NPM #ransomware