The open-source software supply chain is facing another bizarre and careless attack. Cybersecurity researchers at OX Security have discovered a malicious npm package designed to steal sensitive user data and upload it to a remote repository. However, the attack took an unexpected turn when the threat actor’s own GitHub access token was found hardcoded directly […]
The post Threat Actor’s GitHub Token Leaked by AI-Generated npm Malware appeared first on Cyber Security News.