Malicious npm Packages Mimicking 'noblox.js' Compromise Roblox Developers’ Systems

Roblox developers are the target of a persistent campaign that seeks to compromise systems through bogus npm packages, once again underscoring how threat actors continue to exploit the trust in the open-source ecosystem to deliver malware.
"By mimicking the popular 'noblox.js' library, attackers have published dozens of packages designed to steal sensitive data and compromise systems," Checkmarx


https://thehackernews.com/2024/09/malicious-npm-packages-mimicking.html?utm_source=dlvr.it&utm_medium=blogger