New IronWorm malware hits 36 packages in npm supply-chain attack

MonkderVierte@lemmy.zip · 13 hours

Is this the same from a few days ago or the same? Hard to keep track.

treadful@lemmy.zip · 1 day

Another peculiarity discovered is that the operator hardcoded the recovery phrase of their own cryptocurrency wallet. The researchers say that the only reason for this is that the threat actor did not want the malware to steal it during the test stage.

Wait, what?

Kairos@lemmy.today · 9 hours

Virus coder doesn’t know how to make a VM. No surprise there.