A newly uncovered supply chain attack targeting the npm ecosystem has been linked to North Korean (DPRK)-aligned threat actors. The campaign centers around a malicious npm package named terminal-logger-utils, which embeds a sophisticated multi-stage malware capable of keylogging, data exfiltration, and remote system control. The package was distributed through three dependent libraries pretty-logger-utils, ts-logger-pack, and pinno-loggers which automatically […]

The post Hackers Abuse Hugging Face to Deliver npm Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Mayura Kathir

Source: gbHackers
Source Link: https://gbhackers.com/hackers-abuse-hugging-face/