Thousands Download Malicious npm Libraries Impersonating Legitimate Tools

Juniper Warns of Mirai Botnet Targeting SSR Devices with Default Passwords

Fortinet Warns of Critical FortiWLM Flaw That Could Lead to Admin Access Exploits

CISA Mandates Cloud Security for Federal Agencies by 2025 Under Binding Directive 25-01

Dutch DPA Fines Netflix €4.75 Million for GDPR Violations Over Data Transparency

Threat actors have been observed uploading malicious typosquats of legitimate npm packages such as typescript-eslint and @types/node that have racked up thousands of downloads on the package registry.
The counterfeit versions, named @typescript_eslinter/eslint and types-node, are engineered to download a trojan and retrieve second-stage payloads, respectively.
"While typosquatting attacks are

Headline

Thousands Download Malicious npm Libraries Impersonating Legitimate Tools

The Hacker News: Latest News