Miasma Turns Trusted npm Packages Into Persistent Backdoors for Developer Machines

Miasma has returned through software packages that many developers would normally trust. Four AsyncAPI packages on npm were altered to deliver a Miasma v3 payload, creating a route for long-term remote access. The campaign does not depend on malware running when a package is installed. Instead, hidden code activates when an application, generator, or build […]

The post Miasma Turns Trusted npm Packages Into Persistent Backdoors for Developer Machines appeared first on Cyber Security News.

This article has been indexed from Cyber Security News

Read the original article: