Security Affairs

OCTOBER 17, 2020

“It is possible that all four packages were authored by the same attacker(s) despite conflicting data provided in the package.json manifests.” The malicious code could work on both Windows and *nix operating systems, including major distros, including Linux, FreeBSD, OpenBSD. ” reported Bleeping Computer.

Libraries 139

Libraries Security Access IT 139

Security Affairs

DECEMBER 1, 2020

db-json.js “ Both packages were created by the same author last week who masqueraded them as tools to work with JSON files. . “This time, the typosquatting packages identified by us are laced with a popular Remote Access Trojan (RAT).” ” states the post published by Sonatype. “The malicious packages are: jdb.js

Libraries 94

Libraries File names Access Security 94

Security Affairs

NOVEMBER 10, 2020

Sonatype researcher Ax Sharma discovered an npm package, dubbed discord.dll , that contains malicious code designed to steal sensitive files from a user’s browsers and Discord application. Security researchers discovered today an npm package that contains malicious code designed to steal sensitive Discord and browser files.

Libraries 101

Libraries Security Access IT 101

Security Affairs

NOVEMBER 23, 2020

was published to npm by the same author luminate_ aka Luminate-D who is also behind additional malware discovered last week: discord.dll , discord.app, wsbd.js, and ac-addon. has scored just under a 100 downloads as Sonatype discovered it almost immediately after the author published it. About the author: Ax Sharma.

Archiving 133

Archiving IT Security Education 133