Malicious NPM Libraries Caught Installing Password Stealer and Ransomware

In The Hacker News - Original news source is thehackernews.com by Blog Writer

Post Sharing
Malicious actors have yet again published two more typosquatted libraries to the official NPM repository that mimic a legitimate package from Roblox, the game company, with the goal of distributing stealing credentials, installing remote access trojans, and infecting the compromised systems with ransomware.
The bogus packages — named “noblox.js-proxy” and “noblox.js-proxies” — were found to