all InfoSec news
New Campaign Distributes Malicious npm and PyPI Packages to Pilfer Kubernetes Config, SSH Keys
Malware Analysis, News and Indicators - Latest topics malware.news
Researchers have discovered a concerning surge in deceptive npm and PyPI packages distributed as part of a malicious campaign, aimed at extracting Kubernetes configurations and SSH keys from compromised systems.
The First Signs of the Campaign
The campaign was first identified on September 12, 2023, and has been ongoing since then.
Initially, a total of 14 malicious npm packages were identified as part of this campaign, published from different npm accounts:
- @am-fe/hooks
- @am-fe/provider
- @am-fe/request
- @am-fe/utils
- @am-fe/watermark
- @am-fe/watermark-core
- @dynamic-form-components/mui
- @dynamic-form-components/shineout …
campaign compromised distributed keys kubernetes malicious malicious npm npm packages pypi pypi packages researchers september ssh ssh keys systems