{ads}

XMLRPC npm Library Turns Malicious, Steals Data, Deploys Crypto Miner



November 28, 2024 at 04:18PM

Cybersecurity researchers have discovered a software supply chain attack that has remained active for over a year on the npm package registry by starting off as an innocuous library and later adding malicious code to steal sensitive data and mine cryptocurrency on infected systems. The package, named @0xengine/xmlrpc, was originally published on October 2, 2023 as a JavaScript-based XML-RPC

from The Hacker News https://ift.tt/b9vJlnS

Related

Related Posts

0 Response to "XMLRPC npm Library Turns Malicious, Steals Data, Deploys Crypto Miner"

Post a Comment

Article Top Ads

Central Ads Article 1

Middle Ads Article 2

Article Bottom Ads