Malicious npm packages steal data and launch DDoS bot
Source: Foro3D
Published:
<p>The development community faces a new threat in the npm ecosystem. Four malicious packages have been detected distributing information-stealing malware along with the Phantom Bot DDoS bot. Once installed, these components compromise system security by extracting credentials, keys, and sensitive d