Thousands Download Malicious npm Libraries Impersonating Legitimate Tools
Thousands Download Malicious npm Libraries Impersonating Legitimate Tools Threat actors have been observed uploading malicious typosquats of legitimate npm packages such as typescript-eslint and @types/node that have racked up thousands of downloads on the package registry. The counterfeit versions, named @typescript_eslinter/eslint and types-node, are engineered to download a trojan and Read more…