CyberHighConfirmedAccelerating
10.0
Compromised AsyncAPI npm packages distribute multi-stage botnet loader
The Hacker News·3 days ago
A persistent GoSerpent malware campaign has been active since late 2025, facilitating credential theft and long-term unauthorized access to sensitive government networks. The use of compromised hosts for traffic routing suggests a sophisticated effort to obfuscate command-and-control infrastructure.