Read the original article: Fake npm Packages Found in GitHub Repository
Security researchers discovered four vulnerable npm packages uploaded to GitHub that were capable of collecting the user’s IP address, geolocation and device hardware data. Not all attacks have a high-visibility profile. Some threat actors use much more subtle channels to spread malware. In this case, it’s about four npm packages typically used by developers to […]
Read the original article: Fake npm Packages Found in GitHub Repository