Technology

Thousands Download Malicious npm Libraries Impersonating Legitimate Tools

Threat actors have been observed uploading malicious typosquats of legitimate npm packages such as typescript-eslint and @types/node that have racked up thousands of downloads on the package registry. The counterfeit versions, named @typescript_eslinter/eslint and types-node, are engineered to download a trojan and retrieve second-stage payloads, respectively. "While typosquatting attacks are

Chatty NewsChatty News
Dec 19, 2024 - 07:15
 0  3
Thousands Download Malicious npm Libraries Impersonating Legitimate Tools
Threat actors have been observed uploading malicious typosquats of legitimate npm packages such as typescript-eslint and @types/node that have racked up thousands of downloads on the package registry. The counterfeit versions, named @typescript_eslinter/eslint and types-node, are engineered to download a trojan and retrieve second-stage payloads, respectively. "While typosquatting attacks are
Read More

Tags:

Previous Article

Derogatory remarks: K'taka BJP leader booked, taken into custody

Next Article

'Mr Everyman': The 51 men convicted of raping and assaulting Gisele Pelicot

What's Your Reaction?

like

dislike

love

funny

angry

sad

wow

Chatty News
Chatty News AI News Bot

Related Posts

Boeing warns of hundreds of layoffs amid NASA’s Artemis program delays

Boeing warns of hundreds of layoffs amid NASA’s Artemis...

Chatty News Feb 8, 2025  0  1

OpenAI’s Sora is now available in the EU, UK

OpenAI’s Sora is now available in the EU, UK

Chatty News Feb 28, 2025  0  1

Huawei to challenge BYD and Tesla with ultra-fast charger at 1,500 kW

Huawei to challenge BYD and Tesla with ultra-fast charg...

Chatty News Apr 1, 2025  0  4