Security News > 2025 > April > Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems
2025-04-19 15:11
Cybersecurity researchers have uncovered three malicious packages in the npm registry that masquerade as a popular Telegram bot library but harbor SSH backdoors and data exfiltration capabilities. The packages in question are listed below - node-telegram-utils (132 downloads) node-telegram-bots-api (82 downloads) node-telegram-util (73 downloads) According to supply chain
News URL
https://thehackernews.com/2025/04/rogue-npm-packages-mimic-telegram-bot.html
Related news
- Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool (source)
- Malicious npm Packages Infect 3,200+ Cursor Users With Backdoor, Steal Credentials (source)
- SPIRE: Toolchain of APIs for establishing trust between software systems (source)
- Microsoft fixes Linux boot issues on dual-boot Windows systems (source)
- New PumaBot Botnet Targets Linux IoT Devices to Steal SSH Credentials and Mine Crypto (source)
- Botnet hacks 9,000+ ASUS routers to add persistent SSH backdoor (source)