MicrosoftSystem64 Malware Abuses Hugging Face for Stealthy Data Theft
Source: Gbhackers
Published:
<p>A sophisticated supply chain attack targeting the npm ecosystem has been uncovered, involving a malicious package named js-logger-pack that evolved into a powerful cross-platform malware loader. First observed in early April 2026, the package went through 29 incremental versions, gradually transf