Malicious actors have yet again published two more
typosquatted libraries to the official NPM repository that mimic a
legitimate package from Roblox, the game company, with the goal of
distributing stealing credentials, installing remote access
trojans, and infecting the compromised systems with ransomware. The
bogus packages — named “noblox.js-proxy” and “noblox.js-proxies” —
were found to
typosquatted libraries to the official NPM repository that mimic a
legitimate package from Roblox, the game company, with the goal of
distributing stealing credentials, installing remote access
trojans, and infecting the compromised systems with ransomware. The
bogus packages — named “noblox.js-proxy” and “noblox.js-proxies” —
were found to
Read more http://feedproxy.google.com/~r/TheHackersNews/~3/q0WhleZjkjo/malicious-npm-libraries-caught.html