A new supply-chain attack dubbed StegaBin is targeting JavaScript developers through 26 malicious npm packages that appear to be popular open-source libraries but secretly deploy a multi-stage credential-stealing toolkit and a Remote Access Trojan (RAT). The campaign is linked to the North Korean-aligned FAMOUS CHOLLIMA threat actor, known from previous “Contagious Interview” operations against cryptocurrency […]

The post New ‘StegaBin’ Campaign Deploys Multi-Stage Credential Stealer via 26 Malicious npm Packages appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.