Security News > 2023 > August > Malicious npm Packages Found Exfiltrating Sensitive Data from Developers

Malicious npm Packages Found Exfiltrating Sensitive Data from Developers
2023-08-04 10:33

Cybersecurity researchers have discovered a new bunch of malicious packages on the npm package registry that are designed to exfiltrate sensitive developer information. Software supply chain firm Phylum, which first identified the "test" packages on July 31, 2023, said they "demonstrated increasing functionality and refinement," hours after which they were removed and re-uploaded under different


News URL

https://thehackernews.com/2023/08/malicious-npm-packages-found.html