Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
Malicious NPM Packages Caught Exfiltrating Kubernetes Config, SSH Keys
Malware and Vulnerabilities
September 20, 2023
Sonatype
The malicious software packages impersonate legitimate JavaScript libraries and components, but upon installation, they run obfuscated code to collect and siphon sensitive files.
Read More
Kubernetes configurations
SSH keys
npm registry
Obfuscated Code
data theft
Publisher
Previous
Chinese-Language Speakers Targeted with Sainbox RAT, Va ...
Malware and Vulnerabilities
Next
Cyberattack on Kansas Town Affects Email, Phone, Paymen ...
Breaches and Incidents
/https://cyware-ent.s3.amazonaws.com/image_bank/shutterstock_185267180.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/66ac_shutterstock_321052340.jpg)
