Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
Malicious Koishi Chatbot Plugin Exfiltrates Messages Trigger...
Malware and Vulnerabilities
May 20, 2025
Socket
A malicious npm package, koishi-plugin-pinhaofa, is targeting Koishi chatbot frameworks. Disguised as a spelling autocorrect plugin, it embeds a backdoor that exfiltrates messages containing 8-character hexadecimal strings to a hardcoded QQ account.
Read More
Koishi
NPM Package
Chat Bot
GitHub
Publisher
Previous
Critical Vulnerabilities in My Volkswagen App Expose Pe ...
Malware and Vulnerabilities
Next
O2 UK patches bug leaking mobile user location from cal ...
Malware and Vulnerabilities
/https://cyware-ent.s3.amazonaws.com/image_bank/0657_shutterstock_1154271856.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/shutterstock_379989589.jpg)
