Recent reports have identified malicious packages across npm, Python, and Ruby repositories that exhibit various harmful behaviors. These include draining funds from cryptocurrency wallets, deleting codebases post-installation, and exfiltrating sensitive Telegram API data. Notably, the malicious gems mimic a legitimate library but redirect traffic to a command-and-control server. This situation arose shortly after Vietnam's nationwide Telegram ban, indicating that cybercriminals are exploiting regulatory changes to distribute malware. Researchers highlight the urgent need for vigilance in the software supply chain to prevent such attacks.
Several malicious packages have been uncovered across the npm, Python, and Ruby package repositories that drain funds from cryptocurrency wallets, erase entire codebases after installation, and exfiltrate Telegram API tokens...