A coordinated supply-chain campaign that pushed 17 malicious packages across npm and PyPI, masquerading as SDKs for well-known payment services including PaySafe, Skrill and Neteller. The campaign’s packages 17 npm modules published with four rapid versions each and four PyPI packages access with single malicious releases presented as convenient payment SDK facades but contained logic […]
The post npm and PyPI Malware Campaign Exfiltrates CI/CD Secrets Through Fake Payment SDKs appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
This article has been indexed from GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Read the original article: