Hackers Deploy Malicious npm Packages on GitHub to Steal SSH Keys

24 January 2024

Two malicious npm packages were discovered on the npm open source package manager, which leverages GitHub to store stolen Base64-encrypted SSH keys obtained from developer systems that installed the malicious npm packages. In recent weeks, two suspicious npm packages, namely warbeast2000 and kodiak2k, were discovered in multiple versions.

Source: GBHackers

Date:

24 January 2024

Categorie(s):

NEWS

Tag(s):

Developers, IT, Keys, Malicious, Packages

1,200+ Vulnerabilities Detected In Microsoft Products In 202329 April 2024
A week in security (April 22 – April 28)29 April 2024
Okta Warns of Credential Stuffing Attacks Using Proxy Services29 April 2024
Android Malware Brokewell With Complete Device Takeover Capabilities29 April 2024
Fileless .NET Based Code Injection Attack Delivers AgentTesla Malware29 April 2024