Information security
fromThe Hacker News
7 hours agoMalicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens
SANDWORM_MODE supply-chain worm uses malicious npm packages to harvest credentials and crypto keys, propagate via stolen identities, and target AI coding assistants.