Mini Shai-Hulud Strikes Again: 314 npm Packages Compromised
2 days ago
- #npm
- #malware-analysis
- #credential-stealer
- Compromised node-ipc versions 9.1.6, 9.2.3, and 12.0.1 on npm were analyzed.
- A maintainer account takeover led to injection of an 80KB obfuscated credential stealer.
- The malware targets over 100 sensitive files, including SSH keys, using DNS exfiltration.