A newly uncovered supply chain attack targeting the npm ecosystem has been linked to North Korean (DPRK)-aligned threat actors. The campaign centers around a malicious npm package named terminal-logger-utils, which embeds a sophisticated multi-stage malware capable of keylogging, data exfiltration, and remote system control. The package was distributed through three dependent libraries pretty-logger-utils, ts-logger-pack, and pinno-loggers which automatically […]
The post Hackers Abuse Hugging Face to Deliver npm Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
This article has been indexed from GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Read the original article: