
Jscrambler npm Supply Chain Attack Steals Developer and Cloud Credentials
A compromised release of the widely used jscrambler npm package has exposed developers and CI pipelines to a sophisticated credential-stealing campaign, after attackers hijacked the maintainers’ publishing credentials to push malicious code disguised as a routine update. Socket’s Research Team detected the malicious [email protected] release just six minutes after it went live on July 11, […]
The post Jscrambler npm Supply Chain Attack Steals Developer and Cloud Credentials appeared first on Cyber Security News.