The recent “StegaBin” campaign has raised serious concerns within the developer community, as it leverages 26 malicious npm packages to deploy a multi-stage credential theft operation. Identified by Socket’s AI-powered threat detection systems, these packages use a novel technique to hide their command-and-control (C2) infrastructure inside seemingly harmless text. This method, known as character-level steganography, […] The post “StegaBin” Campaign Targets npm Users With Multi-Stage Credential Theft appeared first on Cyber Security News.