Socket’s Threat Research Team has uncovered two malicious npm packages, express-api-sync and system-health-sync-api, designed to masquerade as legitimate utilities while embedding destructive backdoors capable of annihilating production systems. Published under the npm alias >>botsailer<< with the associated email anupm019@gmail[.]com, these packages represent a shift from traditional data theft to outright sabotage. New Wave of Sabotage […] The post Malicious npm Utility Packages Enable Attackers to Wipe Production Systems appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/malicious-npm-utility-packages-enable-attackers/
