10 npm Packages Caught Stealing Developer Credentials on Windows, macOS, and Linux

Written By Auto Tech Wednesday, 29 October 2025 Add Comment

October 29, 2025 at 02:04PM

Cybersecurity researchers have discovered a set of 10 malicious npm packages that are designed to deliver an information stealer targeting Windows, Linux, and macOS systems. "The malware uses four layers of obfuscation to hide its payload, displays a fake CAPTCHA to appear legitimate, fingerprints victims by IP address, and downloads a 24MB PyInstaller-packaged information stealer that harvests

from The Hacker News https://ift.tt/ifmgljh

{ads}

10 npm Packages Caught Stealing Developer Credentials on Windows, macOS, and Linux

0 Response to "10 npm Packages Caught Stealing Developer Credentials on Windows, macOS, and Linux"

Post a Comment

Article Top Ads

Central Ads Article 1

Middle Ads Article 2

Article Bottom Ads