Malicious NPM packages used to grab data from apps, websites


Researchers from ReversingLabs discovered a couple of dozen NPM packages that included malicious code designed to steal data from apps and web forms on websites that included the modules.

The malicious NPM modules were delivered as part of a widespread campaign, tracked as IconBurst, that according to the experts has been active at least since 2021. One of the tainted packages had been downloaded more than 17,000 times.

Read more…