Security News > 2024 > September > Malicious npm Packages Mimicking 'noblox.js' Compromise Roblox Developers’ Systems
2024-09-02 03:36
Roblox developers are the target of a persistent campaign that seeks to compromise systems through bogus npm packages, once again underscoring how threat actors continue to exploit the trust in the open-source ecosystem to deliver malware. "By mimicking the popular 'noblox.js' library, attackers have published dozens of packages designed to steal sensitive data and compromise systems," Checkmarx
News URL
https://thehackernews.com/2024/09/malicious-npm-packages-mimicking.html
Related news
- Ransomware attackers hop from on-premises systems to cloud to compromise Microsoft 365 accounts (source)
- Malicious npm Packages Target Developers' Ethereum Wallets with SSH Backdoor (source)
- BeaverTail Malware Resurfaces in Malicious npm Packages Targeting Developers (source)
- Malicious NPM Packages Target Roblox Users with Data-Stealing Malware (source)