A threat actor compromised 16 highly popular React Native and GlueStack packages, collectively downloaded over a million times weekly. The attackers inserted a stealthy backdoor into these packages using whitespace obfuscation to hide malicious code. The payload is a Remote Ac...

A threat actor compromised 16 highly popular React Native and GlueStack packages, collectively downloaded over a million times weekly. The attackers inserted a stealthy backdoor into these packages using whitespace obfuscation to hide malicious code. The payload is a Remote Ac...

Source: Wiz
Source Link: https://threats.wiz.io/all-incidents/npm-supply-chain-attack-compromises-16-popular-react-native-and-gluestack-packages