JFrog security researchers Guy Korolevski and Meitar Palas uncovered a sophisticated supply chain attack on the npm ecosystem on March 12, 2026, in which threat actors disguised an information-stealing malware as a legitimate Roblox script executor. The campaign, self-named Cipher stealer, used two malicious packages bluelite-bot-manager and test-logsmodule-v-zisko, to deliver a Windows executable capable of harvesting Discord credentials, […]
The post Malicious npm Packages Posing as Solara Executor Target Discord, Browsers, and Crypto Wallets appeared first on Cyber Security News.
This article has been indexed from Cyber Security News
Read the original article: