August 31, 2023
An unknown threat actor is leveraging malicious npm packages to target developers with an aim to steal source code and configuration files from victim machines, a sign of how threats lurk consistently in open-source repositories.
“The threat actor behind this campaign has been linked to malicious activity dating back to 2021,” software supply chain security firm Checkmarx said in a report shared
“The threat actor behind this campaign has been linked to malicious activity dating back to 2021,” software supply chain security firm Checkmarx said in a report shared
Article posted by: https://thehackernews.com/2023/08/malicious-npm-packages-aim-to-target.html
——————————————————————————————————————–
Infocerts, 5B 306 Riverside Greens, Panvel, Raigad 410206 Maharashtra, India
Contact us – https://www.infocerts.com
