Skip to main content
CyberSingle-sourceMediumDeveloping
5.3

AsyncAPI npm packages infected with credential-stealing malware

A supply-chain attack published five malicious AsyncAPI packages to npm, delivering a remote access trojan with info-stealing capabilities. The attack's impact and scope are uncertain.

BleepingComputer2 days agoUSCredibility 55%View source

Score Breakdown

Mosaic Score5.3
Confidence0.5
Significance0.5
Source credibility0.6
Source

Related signals

8 found