Researchers discovered a malicious package on the npm package registry that resembles a library for Ethereum smart contract vulnerabilities but actually drops an open-source remote access trojan called Quasar RAT onto developer systems.

Deeba Ahmed

Source: HackRead
Source Link: https://hackread.com/npm-package-disguised-ethereum-tool-quasar-rat/