This article has been indexed from The Register – Security
Subverted libraries likely intended as a prank but should be taken seriously, say security researchers
Yet another NPM library has turned up infected with malware. Security firm Sonatype on Wednesday said it had spotted two related malicious NPM libraries that were named so they might be mistaken for a popular legitimate module that serves as a Roblox API wrapper.…
Read the original article: NPM packages disguised as Roblox API code caught carrying ransomware