The Hacker News

Nine-Year-Old npm Packages Hijacked to Exfiltrate API Keys via Obfuscated Scripts

Cybersecurity researchers have discovered several cryptocurrency packages on the npm registry that have been hijacked to siphon sensitive information such as environment variables from compromised systems. "Some of these packages have lived on npmjs.com for over 9 years, and provide legitimate functionality to blockchain developers," Sonatype researcher Ax Sharma said. "However, [...] the latest

Mar 28, 2025 - 07:33
 0
Nine-Year-Old npm Packages Hijacked to Exfiltrate API Keys via Obfuscated Scripts
Cybersecurity researchers have discovered several cryptocurrency packages on the npm registry that have been hijacked to siphon sensitive information such as environment variables from compromised systems. "Some of these packages have lived on npmjs.com for over 9 years, and provide legitimate functionality to blockchain developers," Sonatype researcher Ax Sharma said. "However, [...] the latest
Read More

Tags:

Previous Article

Want to know the future of Windows 11? Microsoft just made it simple

Next Article

Mozilla Patches Critical Firefox Bug Similar to Chrome’s Recent Zero-Day Vulnera...

Related Posts

CISA Warns of Sitecore RCE Flaws; Active Exploits Hit Next.js and DrayTek Devices

CISA Warns of Sitecore RCE Flaws; Active Exploits Hit N...

Mar 27, 2025  0

New Snake Keylogger Variant Leverages AutoIt Scripting to Evade Detection

New Snake Keylogger Variant Leverages AutoIt Scripting ...

Feb 19, 2025  0

CISA Adds Microsoft and Zimbra Flaws to KEV Catalog Amid Active Exploitation

CISA Adds Microsoft and Zimbra Flaws to KEV Catalog Ami...

Feb 26, 2025  0