{ads}

Rogue npm Package Deploys Open-Source Rootkit in New Supply Chain Attack

Written By Wednesday 4 October 2023 Add Comment



October 04, 2023 at 04:46PM

A new deceptive package hidden within the npm package registry has been uncovered deploying an open-source rootkit called r77, marking the first time a rogue package has delivered rootkit functionality. The package in question is node-hide-console-windows, which mimics the legitimate npm package node-hide-console-window in what's an instance of a typosquatting campaign. It was downloaded 704

from The Hacker News https://ift.tt/b5OY2VD

0 Response to "Rogue npm Package Deploys Open-Source Rootkit in New Supply Chain Attack"

Post a Comment

Subscribe to: Post Comments (Atom)

Article Top Ads

Central Ads Article 1

Middle Ads Article 2

Article Bottom Ads