Rogue npm Package Deploys Open-Source Rootkit in New Supply Chain Attack

Written By Auto Tech Wednesday, 4 October 2023 Add Comment

October 04, 2023 at 04:46PM

A new deceptive package hidden within the npm package registry has been uncovered deploying an open-source rootkit called r77, marking the first time a rogue package has delivered rootkit functionality. The package in question is node-hide-console-windows, which mimics the legitimate npm package node-hide-console-window in what's an instance of a typosquatting campaign. It was downloaded 704

from The Hacker News https://ift.tt/b5OY2VD

Over 400 IPs Exploiting Multiple SSRF Vulnerabilities in Coordinated Cyber Attack
Pentesters: Is AI Coming for Your Role?
GitHub Uncovers New ruby-saml Vulnerabilities Allowing Account Takeover Attacks

{ads}

Rogue npm Package Deploys Open-Source Rootkit in New Supply Chain Attack

Related

0 Response to "Rogue npm Package Deploys Open-Source Rootkit in New Supply Chain Attack"

Post a Comment

Article Top Ads

Central Ads Article 1

Middle Ads Article 2

Article Bottom Ads

{ads}

Rogue npm Package Deploys Open-Source Rootkit in New Supply Chain Attack

Related

Related Posts

0 Response to "Rogue npm Package Deploys Open-Source Rootkit in New Supply Chain Attack"

Post a Comment

Article Top Ads

Central Ads Article 1

Middle Ads Article 2

Article Bottom Ads