Multiple software supply chain attacks have hit the npm ecosystem, with threat actors using both malicious and poisoned versions of over 50 legitimate packages to distribute a Rust-based information stealer and a self-spreading worm, respectively.

According to JFrog, the information stealer “scrapes every secret it can find on a developer’s machine, hides behind an eBPF kernel rootkit, and…


Source: The Hacker News
