NodeJS malware caught exfiltrating IPs, username, and device information on GitHub

Posted Oct 2 2020-10-02T00:00:00+08:00 by PipisCrew

Multiple NodeJS packages laden with malicious code have been spotted on npm registry. These “typosquatting” packages served no purpose other than collecting data from the user’s device and broadcasting it on public GitHub pages.

https://securityreport.com/nodejs-malware-caught-exfiltrating-ips-username-and-device-information-on-github/

origin - https://www.pipiscrew.com/2020/10/nodejs-malware-caught-exfiltrating-ips-username-and-device-information-on-github/ nodejs-malware-caught-exfiltrating-ips-username-and-device-information-on-github

news

This post is licensed under CC BY 4.0 by the author.

NodeJS malware caught exfiltrating IPs, username, and device information on GitHub

Further Reading

Snapchat reportedly paid over $250 million for an app that lets you track your friends

WannaCry reportedly hitting speed cameras in Victoria

o7zip or RAR your project files and folders!

Trending Tags