{ads}

Malicious npm Package Leverages Unicode Steganography, Google Calendar as C2 Dropper

Written By Thursday, 15 May 2025 Add Comment



May 15, 2025 at 03:30PM

Cybersecurity researchers have discovered a malicious package named "os-info-checker-es6" that disguises itself as an operating system information utility to stealthily drop a next-stage payload onto compromised systems. "This campaign employs clever Unicode-based steganography to hide its initial malicious code and utilizes a Google Calendar event short link as a dynamic dropper for its final

from The Hacker News https://ift.tt/vxlEb12

0 Response to "Malicious npm Package Leverages Unicode Steganography, Google Calendar as C2 Dropper"

Post a Comment

Subscribe to: Post Comments (Atom)

Article Top Ads

Central Ads Article 1

Middle Ads Article 2

Article Bottom Ads