NodeJS malware caught exfiltrating IPs, username, and device information on GitHub
NodeJS malware caught exfiltrating IPs, username, and device information on GitHub Multiple NodeJS packages laden with malicious code have been spotted on npm registry. These “typosquatting” packages served no purpose other than collecting data from the user’s device and broadcasting it on public GitHub pages. The findings were spotted by Sonatype’s automated malware detection systems and further […]
