Software Threat Researcher, ReversingLabs. Lucija works on the TitaniumCore Team.
RL researchers have identified yet another npm package that uses malicious patching of local software to hijack cryptocurrency transfers.
Learn More about Atomic and Exodus crypto wallets targeted in malicious npm campaign
For the first time, RL researchers discover malicious locally-installed npm packages infecting other legitimate packages.
Learn More about Malware found on npm infecting local package with reverse shell
To avoid compromised packages being introduced as a dependency in a larger project, security teams need to keep an eye peeled for such malicious code.
Learn More about A new playground: Malicious campaigns proliferate from VSCode to npm