Cybersecurity researchers have disclosed details of an active malware campaign called Stealit that has leveraged Node.js' Single Executable Application (SEA) feature as a way to distribute its payloads.
According to Fortinet FortiGuard Labs, select iterations have also employed the open-source Electron framework to deliver the malware. It's assessed that the malware is being propagated through



Source: TheHackerNews
Source Link: https://thehackernews.com/2025/10/stealit-malware-abuses-nodejs-single.html