Security researchers at Zscaler ThreatLabz have uncovered three malicious npm packages designed to install a sophisticated remote access trojan (RAT) targeting JavaScript developers. The packages, named bitcoin-main-lib, bitcoin-lib-js, and bip40, collectively registered over 3,400 downloads before being removed from the npm registry in November 2025. The attack exploits developer trust in the legitimate BitcoinJS project […]
The post Three Malicious NPM Packages Target Developers’ Login Credentials appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
This article has been indexed from GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Read the original article: