Two malicious npm packages were discovered on the npm open source package manager, which leverages GitHub to store stolen Base64-encrypted SSH keys obtained from developer systems that installed the malicious npm packages. In recent weeks, two suspicious npm packages, namely warbeast2000 and kodiak2k, were discovered in multiple versions. As of writing, both the packages were removed […]
The post Hackers Deploy Malicious npm Packages on GitHub to Steal SSH Keys appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.
Free Trial
Streaming Malware Service
Open Suspicious Files & Links in the ANY RUN Sandbox Safely; Try All Features for Free. Understand malware behavior, collect IOCs, and easily map malicious actions to TTPs — all in our interactive sandbox.
Source: gbHackers
Source Link: https://gbhackers.com/malicious-npm-ssh-key/