all InfoSec news
Malicious NPM Packages Exfiltrate Hundreds of Developer SSH Keys via GitHub
Jan. 23, 2024, 2:19 p.m. | info@thehackernews.com (The Hacker News)
The Hacker News thehackernews.com
The modules named warbeast2000 and kodiak2k were published at the start of the month, attracting 412 and 1,281 downloads before they were taken down by the npm
base64 developer downloads encrypted found github keys malicious malicious npm malicious packages modules npm npm package package packages registry ssh ssh keys start stolen store systems
More from thehackernews.com / The Hacker News
Jobs in InfoSec / Cybersecurity
Social Engineer For Reverse Engineering Exploit Study
@ Independent study | Remote
Application Security Engineer - Remote Friendly
@ Unit21 | San Francisco,CA; New York City; Remote USA;
Cloud Security Specialist
@ AppsFlyer | Herzliya
Malware Analysis Engineer - Canberra, Australia
@ Apple | Canberra, Australian Capital Territory, Australia
Product CISO
@ Fortinet | Sunnyvale, CA, United States
Manager, Security Engineering
@ Thrive | United States - Remote