Popular #nodeipc #npm package compromised to steal credentials

https://www.bleepingcomputer.com/news/security/popular-node-ipc-npm-package-compromised-to-steal-credentials/

#cybersecurity

Node-ipc Package Infected with Credential-Stealing Malware

A malicious update to the widely-used node-ipc library has infected thousands of projects with credential-stealing malware, posing a significant supply-chain risk for developer environments and CI systems. With over 690,000 weekly downloads, this single compromised library could be exfiltrating sensitive data from countless unsuspecting users.

https://osintsights.com/node-ipc-package-infected-with-credential-stealing-malware?utm_source=mastodon&utm_medium=social

#SupplyChain #CredentialStealing #Malware #Nodeipc #Npm

Malicious Node-IPC Versions Expose Developer Secrets to Stealer Backdoor

Three versions of the popular Node IPC package have been compromised with a stealthy backdoor that can steal sensitive developer secrets, sparking urgent concerns about supply-chain security. The malicious versions, published under a fake account, contain heavily obfuscated code that springs into action when the package is loaded at…

https://osintsights.com/malicious-node-ipc-versions-expose-developer-secrets-to-stealer-backdoor?utm_source=mastodon&utm_medium=social

#MaliciousNodeipc #StealerBackdoor #SupplyChain #Npm #Nodeipc

https://gist.github.com/MidSpike/f7ae3457420af78a54b38a31cc0c809c

#nodeipc is #malware
#cybersecurity

https://gist.github.com/MidSpike/f7ae3457420af78a54b38a31cc0c809c

#nodeipc is #malware
#cybersecurity