The Hacker News
2 years, 9 months ago
Rogue npm Package Deploys Open-Source Rootkit in New Supply Chain Attack
A new deceptive package hidden within the npm package registry has been uncovered deploying an open-source rootkit called r77, marking the first time a rogue package has delivered rootkit functionality