Hacking News Fresh Wave of Malicious npm Packages Threaten Kubernetes Configs and SSH Keys

Hacking News Fresh Wave of Malicious npm Packages Threaten Kubernetes Configs and SSH Keys - Printable Version

+- (https://hackmyride.com/forum)
+-- Forum: Automotive Hacking (https://hackmyride.com/forum/forumdisplay.php?fid=211)
+--- Forum: News (https://hackmyride.com/forum/forumdisplay.php?fid=278)
+---- Forum: The Hacker News (https://hackmyride.com/forum/forumdisplay.php?fid=279)
+---- Thread: Hacking News Fresh Wave of Malicious npm Packages Threaten Kubernetes Configs and SSH Keys (/showthread.php?tid=7864)

Fresh Wave of Malicious npm Packages Threaten Kubernetes Configs and SSH Keys - The Hacker News - 09-21-2023

Fresh Wave of Malicious npm Packages Threaten Kubernetes Configs and SSH Keys

Cybersecurity researchers have discovered a fresh batch of malicious packages in the npm package registry that are designed to exfiltrate Kubernetes configurations and SSH keys from compromised machines to a remote server.
Sonatype said it has discovered 14 different npm packages so far: @am-fe/hooks, @am-fe/provider, @am-fe/request, @am-fe/utils, @am-fe/watermark, @am-fe/watermark-core,

https://thehackernews.com/2023/09/fresh-wave-of-malicious-npm-packages.html