Mastodawn

Suspected hijacked developer accounts used to push npm malware, with packages like "sbx-mask" and "touch-adv" stealing credentials from infected systems. If installed, rotate keys and check network activity now.

Read: https://hackread.com/suspected-hijacked-developer-accounts-npm-malware/

#CyberSecurity #npm #Malware #DevSecOps

Suspected Hijacked Developer Accounts Spread npm Malware

Sonatype uncovers a malware campaign using hijacked npm developer accounts to steal API keys and passwords. Is your dev environment at risk?

Hackread - Cybersecurity News, Data Breaches, AI and More