all InfoSec news
Open-source repository malware sows Havoc
Malware Analysis, News and Indicators - Latest topics malware.news
As part of the ReversingLabs research team's ongoing surveillance of open source repositories, we have identified aabquerys, a malicious npm package that downloads second and third stage malware payloads to systems that have downloaded and run the npm package.
Since discovering the aabquerys package, npm has removed it from their repository along with other, malicious packages. We do not believe it poses any risk to development organizations at this point. However, the discovery of aabquerys and evidence of other malicious …
development discovery downloads havoc malicious malicious npm malicious packages malware npm npm package open source organizations package packages point repositories repository research reversinglabs risk run stage surveillance systems team third