Bleeping Computer

New npm attack poisons local packages with backdoors

Two malicious packages were discovered on npm (Node package manager) that covertly patch legitimate, locally installed packages to inject a persistent reverse shell backdoor. This way, even if the ...
Bleeping Computer

Reverse shell botnet Gitpaste-12 spreads via GitHub and Pastebin

A newly discovered worm and botnet named Gitpaste-12 lives on GitHub and also uses Pastebin to host malicious code. The advanced malware comes equipped with reverse shell and crypto-mining ...
Infosecurity-magazine.com

Malicious npm Packages Deliver Sophisticated Reverse Shells

A newly discovered malware campaign has leveraged malicious npm packages to deliver highly sophisticated reverse shells. Researchers at ReversingLabs identified two malicious packages, ...