Fake npm install messages are the latest social engineering trick in the open source supply chain, with attackers abusing npm post‑install scripts to silently deploy a crypto‑stealing remote access trojan (RAT) in what ReversingLabs is calling the “Ghost campaign.” By wrapping their payloads in realistic but entirely bogus npm install logs, the threat actors turn […]

The post Fake npm Install Messages Conceal RAT Malware in New Open Source Supply Chain Attack appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Mayura Kathir

Source: gbHackers
Source Link: https://gbhackers.com/fake-npm-install-messages/