Over 70 Malicious npm and VS Code Packages Found Stealing Data and Crypto

Over 70 Malicious npm and VS Code Packages Found Stealing Data and Crypto

Technology

Over 70 Malicious npm and VS Code Packages Found Stealing Data and Crypto
As many as 60 malicious npm packages have been discovered in the package registry with malicious functionality to harvest hostnames, IP addresses, DNS servers, and user directories to a Discord-controlled endpoint.
The packages, published under three different accounts, come with an install‑time script that’s triggered during npm install, Socket security researcher Kirill Boychenko said in a

Read original source here.

Products You May Like

Articles You May Like

Trump Uses Minnesota Political Assassination By His Supporter To Attack Tim Walz
[Oops! Corrected Link] Read Harder 2025 Halfway Check-In Survey
AI Agents Run on Secret Accounts — Learn How to Secure Them in This Webinar
Donald Trump’s Military Birthday Parade Was a Gross Failure
Book Riot’s Deals of the Day for June 16, 2025