Complex Mathematics

More popular npm packages hijacked to spread malware




  • A npm package maintainer has fallen victim to a phishing attack
  • The attackers accessed packages and updated them to carry malware
  • Most antivirus programs are still not properly flagging the malicious DLL

Several popular npm packages with millions of weekly downloads were targeted, and one used as a launchpad for malware deployment, when its maintainer fell prey to a phishing attack.

JounQin is a software developer that maintains eslint-config-prettier, eslint-plugin-prettier, synckit, @pkgr/core, and napi-postinstall.



Source link


Discover more from cplexmath tech stop

Subscribe to get the latest posts sent to your email.

Discover more from cplexmath tech stop

Subscribe now to keep reading and get access to the full archive.

Continue reading