Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
Malicious npm Package Leverages Unicode Steganography, Google Calendar as C2 Dropper
Malware and Vulnerabilities
May 15, 2025
The Hacker News
A newly discovered malicious npm package, os-info-checker-es6, masquerades as a utility for retrieving OS information but is designed to stealthily deliver a next-stage payload.
Read More
Malicious NPM Package
Os-Info-Checker-Es6
Google Calendar Abuse
Supply Chain Attack
Command and Control
Publisher
Previous
Fancy Bear campaign sought emails of high-level Ukraini ...
Threat Actors
Next
TransferLoader Malware Loader Deploys Morpheus Ransomwa ...
Malware and Vulnerabilities
/https://cyware-ent.s3.amazonaws.com/image_bank/0d4c_Cy_Blog_FancyBear5.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/74cc_shutterstock_1752948716.jpg)
