Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
Two NPM Packages With 22 Million Weekly Downloads Found Backdoored
Malware and Vulnerabilities
November 08, 2021
The Hacker News
The two libraries are "coa," a parser for command-line options, and "rc," a configuration loader, both of which were tampered with by an unknown threat actor to include password-stealing malware.
Read More
credential stealer
npm Packages
rc package
coa package
DanaBot Malware
Publisher
Previous
Threat Actors Rob Cryptocurrency from bZx DeFi Platform
Breaches and Incidents
Next
KdcSponge, NGLite, Godzilla Webshell Used in Targeted A ...
Malware and Vulnerabilities
/https://cyware-ent.s3.amazonaws.com/image_bank/c40f_shutterstock_1036293094.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/shutterstock_389659237.jpg)
