all InfoSec news
Fake 'distube-config' npm package drops Windows info-stealing malware
Jan. 24, 2024, 3:08 p.m. | Ax Sharma
Sonatype Blog blog.sonatype.com
Sonatype has identified two npm packages distube-config and discordyt that typosquat open source packages like Discord modules, in an attempt to infect Windows users with a Trojan. Our security researcher, Juan Aguirre, who analyzed the malware shares some insights.
config discord drops fake infect info info-stealing malware insights malware modules npm npm package open source open source packages package packages researcher security security researcher sonatype stealing trojan vulnerabilities windows
More from blog.sonatype.com / Sonatype Blog
The essential duo of SCA and SBOM management
2 weeks, 5 days ago |
blog.sonatype.com
Automating and maintaining SBOMs
3 weeks, 5 days ago |
blog.sonatype.com
Jobs in InfoSec / Cybersecurity
Social Engineer For Reverse Engineering Exploit Study
@ Independent study | Remote
Senior Software Engineer, Security
@ Niantic | Zürich, Switzerland
Consultant expert en sécurité des systèmes industriels (H/F)
@ Devoteam | Levallois-Perret, France
Cybersecurity Analyst
@ Bally's | Providence, Rhode Island, United States
Digital Trust Cyber Defense Executive
@ KPMG India | Gurgaon, Haryana, India
Program Manager - Cybersecurity Assessment Services
@ TestPros | Remote (and DMV), DC