Growth hacking
fromThe Hacker News
2 months agoMalicious npm Package Leverages Unicode Steganography, Google Calendar as C2 Dropper
A malicious npm package uses Google Calendar as a dead drop to deliver next-stage payloads, employing Unicode-based obfuscation.