Mass NPM Supply Chain Attack Hits TanStack, Mistral AI, and 170 Packages
3 hours ago
- #malware
- #crypto-theft
- #npm-security
- The 'noon-contracts' npm package disguises itself as the Noon Protocol SDK.
- Upon installation, it steals SSH keys, cryptocurrency wallet private keys, and AWS credentials.
- It also performs live calls to AWS services such as STS, S3, and SecretsManager, and exfiltrates Kubernetes secrets.
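To check whether a project pulled in the package named above, directly or transitively, the lockfile can be searched. This is an added example, not code from the original report; the sample lockfile, its versions and the `left-helper` name are constructed, and it assumes npm's `package-lock.json` layout (`packages` map in lockfile v2/v3, nested `dependencies` in v1).

```javascript
// Added example: locate every copy of a named package in a parsed package-lock.json.
const SUSPECT = 'noon-contracts'; // package name taken from the report above

// Returns [{ path, version, hasInstallScript }] for each installed copy of `name`.
function findPackage(lock, name) {
  const hits = [];
  const marker = 'node_modules/';
  // lockfileVersion 2/3: flat "packages" map keyed by install path.
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    const idx = path.lastIndexOf(marker);
    if (idx === -1) continue; // "" is the root project; workspace links have no marker
    // An aliased install records the real package name in meta.name.
    const installed = meta.name || path.slice(idx + marker.length);
    if (installed === name) {
      hits.push({
        path,
        version: meta.version,
        // npm sets this flag when the package declares install-time lifecycle scripts.
        hasInstallScript: meta.hasInstallScript === true,
      });
    }
  }
  if (hits.length > 0) return hits;
  // lockfileVersion 1: nested "dependencies" tree, no install-script flag recorded.
  const walk = (deps, prefix) => {
    for (const [dep, meta] of Object.entries(deps || {})) {
      const path = `${prefix}${marker}${dep}`;
      if (dep === name) hits.push({ path, version: meta.version, hasInstallScript: null });
      walk(meta.dependencies, `${path}/`);
    }
  };
  walk(lock.dependencies, '');
  return hits;
}

// Constructed sample lockfile: the suspect arrives as a transitive dependency.
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'demo-app', version: '1.0.0' },
    'node_modules/left-helper': { version: '2.1.0' },
    'node_modules/left-helper/node_modules/noon-contracts': {
      version: '0.0.0-example',
      hasInstallScript: true,
    },
  },
};

console.log(findPackage(sampleLock, SUSPECT));
```

A hit means the package was resolved for this project; since the report says the theft runs upon installation, any machine or CI runner that installed from that lockfile should have its SSH keys, wallet keys, AWS credentials and Kubernetes secrets treated as exposed and rotated.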