National Cyber Warfare Foundation (NCWF)

Compromised AsyncAPI npm Packages Deliver Multi-Stage Botnet Malware


0 user ratings
2026-07-15 09:43:33
milo
Attacks
Four compromised npm packages in the @asyncapi namespace have been observed distributing a multi-stage botnet loader, according to findings from OX Security, SafeDep, Socket, and StepSecurity.

The affected packages are listed below -


@asyncapi/[email protected]
@asyncapi/[email protected]
@asyncapi/[email protected]
@asyncapi/specs(v6.11.2, v6.11.2-alpha.1)

"The



Source: TheHackerNews
Source Link: https://thehackernews.com/2026/07/compromised-asyncapi-npm-packages.html


Comments
new comment
Nobody has commented yet. Will you be the first?
 
Forum
Attacks



Copyright 2012 through 2026 - National Cyber Warfare Foundation - All rights reserved worldwide.