Topic: package impersonation

Sort by: Relevance | Date
  • Malicious NuGet Packages Deploy Destructive Time Bombs
    November 9, 2025

    Malicious NuGet Packages Deploy Destructive Time Bombs

    Malicious packages on NuGet, uploaded by shanhai666, contain hidden payloads set to activate between 2027 and 2028, targeting database systems and Siemens industrial devices, with nearly 9,500 downloads before removal. The packages, including Sharp7Extend, mimic legitimate libraries to evade dete...

    Read More »
  • Beware: Malicious npm Package Impersonates Email Library
    September 3, 2025

    Beware: Malicious npm Package Impersonates Email Library

    A malicious npm package named "nodejs-smtp" impersonates the legitimate nodemailer library, compromising cryptocurrency wallets by altering transaction details to redirect funds to attackers. The package uses Electron-based tools to secretly modify the Atomic Wallet application on Windows, replac...

    Read More »

Related Topics

code injection (2) security research (1) malicious packages (1) AI Assistants (1) process termination (1) cryptocurrency theft (1) database targeting (1) cybersecurity research (1)