A concerning new supply chain attack has emerged targeting Linux developers who work with Telegram’s bot ecosystem. Discovered in early 2025, several malicious npm packages have been masquerading as legitimate Telegram bot libraries to deliver SSH backdoors and exfiltrate sensitive data from unsuspecting developers. These typosquatted packages collectively accumulated approximately 300 downloads over several months, […]
The post Malicious npm Packages Attacking Linux Developers to Install SSH Backdoors appeared first on Cyber Security News.
This article has been indexed from Cyber Security News