Socket’s Threat Research Team has uncovered two malicious npm packages, express-api-sync and system-health-sync-api, designed to masquerade as legitimate utilities while embedding destructive backdoors capable of annihilating production systems. Published under the npm alias “botsailer” with the associated email anupm019@gmail[.]com, these packages represent a shift from traditional data theft to outright sabotage. New Wave of Sabotage […]

The post Malicious npm Utility Packages Enable Attackers to Wipe Production Systems appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aman Mishra

Source: gbHackers
Source Link: https://gbhackers.com/malicious-npm-utility-packages-enable-attackers/