A novel npm package named fezbox has been uncovered by the Socket Threat Research Team as a sophisticated malware delivery mechanism that exfiltrates username and password credentials from browser cookies via an embedded QR code. Published under the npm alias janedu (registration email janedu0216@gmail[.]com), the package masquerades as a harmless JavaScript/TypeScript utility library while quietly […]
The post New npm Malware Steals Browser Passwords via Steganographic QR Code appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
This article has been indexed from GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Read the original article: