A malicious NPM package called “duer-js,” published by user “luizaearlyx.” This package deploys “Bada Stealer,” an advanced infostealer targeting Windows users, especially developers using Discord and browsers. Despite only 528 downloads, its multi-stage design poses significant risks by stealing sensitive data such as tokens, passwords, and payment information.​ Obfuscation and Initial Payload The package’s index.js […] The post New “duer-js” NPM Package Delivers Bada Stealer Malware to Windows and Discord Users appeared first on Cyber Security News.