The Hacker News

Stealit Malware Abuses Node.js Single Executable Feature via Game and VPN Installers

Fortinet warns Stealit malware uses Node.js SEA and fake installers to deliver stealers, RATs, and persistence.
Arabian Post on MSN

Stealit Campaign Harnesses Experimental Node.js Feature for Windows Infiltration

A newly observed wave of attacks is using the cutting-edge Single Executable Application capability in Node. js to deliver the Stealit malware to Windows systems, marking a strategic shift by threat ...
heise online

Major attack on node.js

A major attack on the supply chain for software packages for the widely used JavaScript runtime environment node.js was discovered on Monday. The attacker has injected obfuscated malicious code into ...