URL has been copied successfully!
Three Malicious NPM Packages Target Developers’ Login Credentials
URL has been copied successfully!

Collecting Cyber-News from over 60 sources

Three Malicious NPM Packages Target Developers’ Login Credentials


Tags: , , , , , ,

Security researchers at Zscaler ThreatLabz have uncovered three malicious npm packages designed to install a sophisticated remote access trojan (RAT) targeting JavaScript developers. The packages, named bitcoin-main-lib, bitcoin-lib-js, and bip40, collectively registered over 3,400 downloads before being removed from the npm registry in November 2025. The attack exploits developer trust in the legitimate BitcoinJS project […] The post Three Malicious NPM Packages Target Developers’ Login Credentials appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

First seen on gbhackers.com

Jump to article: gbhackers.com/npm-packages-3/

Loading

Share via Email
Share on Facebook
Tweet on X (Twitter)
Share on Whatsapp
Share on LinkedIn
Share on Xing
Copy link

also interesting:

  1. The 2024 cyberwar playbook: Tricks used by nation-state actors
  2. Password managers under increasing threat as infostealers triple and adapt
  3. Password managers under increasing threat as infostealers triple and adapt
  4. Password managers under increasing threat as infostealers triple and adapt