A malicious actor compromised the Jscrambler npm package and published several trojanized versions that included a hidden, cross-platform credential-stealing payload. The attack targeted developers, build pipelines, and CI/CD systems, where npm installations could access source code, cloud credentials, deployment tokens, and sensitive environment variables. Jscrambler npm Supply Chain Attack Socket’s Research Team detected the initial […]
The post Jscrambler npm Supply Chain Attack Steals Cloud Credentials and Crypto Wallet Secrets appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
This article has been indexed from GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Read the original article: