Fake npm install messages are the latest social engineering trick in the open source supply chain, with attackers abusing npm post”‘install scripts to silently deploy a crypto”‘stealing remote access trojan (RAT) in what ReversingLabs is calling the “Ghost campaign.” By wrapping their payloads in realistic but entirely bogus npm install logs, the threat actors turn […] The post Fake npm Install Messages Conceal RAT Malware in New Open Source Supply Chain Attack appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/fake-npm-install-messages/
