A new deceptive package hidden within the npm package registry has been uncovered deploying an open-source rootkit called r77, marking the first time a rogue package has delivered rootkit functionality.
The package in question is node-hide-console-windows, which mimics the legitimate npm package node-hide-console-window in what’s an instance of a typosquatting campaign. It was downloaded 704
Related Post
- February 22, 2025
Bybit Confirms Record-Breaking $1.46 Billion Crypto Heist in
Cryptocurrency exchange Bybit on Friday revealed that a “sophisticated” attack led to the theft of over $1.46 billion worth of
- February 22, 2025
OpenAI Bans Accounts Misusing ChatGPT for Surveillance and
OpenAI on Friday revealed that it banned a set of accounts that used its ChatGPT tool to develop a suspected
- February 21, 2025
Friday Squid Blogging: New Squid Fossil
A 450-million-year-old squid fossil was dug up in upstate New York. Blog moderation policy.
- February 21, 2025
Apple Drops iCloud’s Advanced Data Protection in the
Apple is removing its Advanced Data Protection (ADP) feature for iCloud from the United Kingdom with immediate effect following government