A highly sophisticated npm supply chain attack that abuses a fake HTTP client package to deliver both a powerful RAT and a stealthy browser stealer. The malicious package, [email protected], was uploaded to npm to impersonate undici, the official HTTP client widely used in Node.js projects. Despite the similar name, it contains no HTTP client logic; […]

The post NPM Supply Chain Attack Uses undicy-http to Deploy RAT appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Mayura Kathir

Source: gbHackers
Source Link: https://gbhackers.com/npm-supply-chain-attack/