Dark Reading
9 months, 3 weeks ago
Npm Package Hides Malware in Steganographic QR Codes
The poisoned package, purporting to be a JavaScript utility, threatens the software supply chain with a highly obsfuscated credential stealer.