Tagged “malware”

1. TIL types of malicious npm attacks Jan 28, 2023 security npm malware

   In the case of ionicons, the miscreants published 18 versions containing malicious form-stealing code; for example, icon-package (according to NPM download stats) has over 17,000 downloads. Other typo-squatting examples include umbrellaks instead of umbrellajs and so on.

2. TIL malware in node_modules Jan 27, 2023 malware npm security hacking

   The very first line fetches the victim's country code using their IP address. If the victim is from Russia, Ukraine, Belarus, or Kazakhstan, then the malware exits early.

See all tags.