A recent cybersecurity threat has emerged from the npm ecosystem, where attackers successfully hid a sophisticated information stealer inside seemingly harmless packages. On March 12, 2026, JFrog security researchers Guy Korolevski and Meitar Palas reported the discovery of two malicious packages designed to deliver the Cipher infostealer. By masquerading as a Roblox script executor named […] The post Malicious npm Campaign Impersonates Solara Executor to Steal Discord and Crypto Wallet Data appeared first on Cyber Security News.