all InfoSec news
Fake npm Roblox API package installs ransomware and has a spooky surprise
Sonatype Blog blog.sonatype.com
The world was just coming to terms with the "ua-parser-js" npm library hijacking incident, and Sonatype's discovery of crypto-mining malware from last week, when we found a bigger, and spookier, issue just in time for Halloween.
api coming crypto devzone discovery fake found halloween hijacking incident issue library malware mining nexus intelligence insights npm package ransomware roblox sonatype sonatype repository firewall spooky surprise terms ua-parser-js vulnerabilities week world