Fake WhatsApp Developer Libraries Hide Destructive Data-Wiping Code
3 Articles
3 Articles
WhatsApp Developers Under Attack From Weaponized npm Packages with Remote Kill Switch
Two malicious npm packages have emerged as sophisticated weapons targeting WhatsApp developers through a remote-controlled destruction mechanism that can completely wipe development systems. The packages, identified as naya-flore and nvlore-hsc, masquerade as legitimate WhatsApp socket libraries while harboring a devastating… Read more → The post WhatsApp Developers Under Attack From Weaponized npm Packages with Remote Kill Switch appeared first…
Malicious Go, npm Packages Deliver Cross-Platform Malware, Trigger Remote Data Wipes
Cybersecurity researchers have discovered a set of 11 malicious Go packages that are designed to download additional payloads from remote servers and execute them on both Windows and Linux systems. "At runtime the code silently spawns a shell, pulls a second-stage payload from an interchangeable set of .icu and .tech command-and-control (C2) endpoints, and executes it in memory," Socket security
Coverage Details
Bias Distribution
- 100% of the sources are Center
Factuality
To view factuality data please Upgrade to Premium