Four Malicious npm Packages Steal SSH Keys, Cloud Credentials, and Crypto Wallets
Source: Cybersecuritynews
Published:
<p>Four malicious npm packages capable of stealing SSH keys, cloud credentials, cryptocurrency wallets, and environment variables, while one variant quietly transforms infected machines into a DDoS botnet. The campaign appears to be the work of a single threat actor deploying multiple infostealer va