A supply chain attack hit the popular jscrambler npm package, with malicious versions published to the registry using a compromised maintainer credential. These versions contained a Rust-based infostealer designed to steal developer credentials from cloud services (AWS, Azure, GCP), cryptocurrency...
Severity: Critical
Categories: Supply Chain Attack, Malware, Threat Intelligence
Top comments (0)