URL has been copied successfully!
Hijacked npm and Go Packages Use VS Code Tasks to Deploy Python Infostealer
URL has been copied successfully!

Collecting Cyber-News from over 60 sources

Hijacked npm and Go Packages Use VS Code Tasks to Deploy Python Infostealer

Cybersecurity researchers have uncovered two hijacked npm packages and a cluster of Go packages that are designed to deploy a Python-based information stealer on compromised Windows, Linux, and macOS hosts.”This attack avoids the most common npm execution paths through lifecycle scripts, perhaps in an attempt to remain ‘compatible’ with npm v12’s security hardenings,” JFrog said in a

First seen on thehackernews.com

Jump to article: thehackernews.com/2026/06/hijacked-npm-and-go-packages-use-vs.html

Loading

Share via Email
Share on Facebook
Tweet on X (Twitter)
Share on Whatsapp
Share on LinkedIn
Share on Xing
Copy link