The Hacker News - Npm Trojan Bypasses UAC, Installs AnyDesk with "Oscompatible" Package
A malicious package uploaded to the npm registry has been found deploying a sophisticated remote access trojan on compromised Windows machines. The package, named "oscompatible," was published on January 9, 2024, attracting a total of 380 downloads before it was taken down. oscompatible included a "few strange binaries," according to software supply chain security firm Phylum, including a single
from The Hacker News https://thehackernews.com/2024/01/npm-trojan-bypasses-uac-installs.html
from The Hacker News https://thehackernews.com/2024/01/npm-trojan-bypasses-uac-installs.html
Comments
Post a Comment