Bleeping Computer

New npm attack poisons local packages with backdoors

Two malicious packages were discovered on npm (Node package manager) that covertly patch legitimate, locally installed packages to inject a persistent reverse shell backdoor. This way, even if the ...
Infosecurity-magazine.com

Malicious npm Packages Deliver Sophisticated Reverse Shells

A newly discovered malware campaign has leveraged malicious npm packages to deliver highly sophisticated reverse shells. Researchers at ReversingLabs identified two malicious packages, ...
Bleeping Computer

Hackers exploit Four-Faith router flaw to open reverse shells

Threat actors are exploiting a post-authentication remote command injection vulnerability in Four-Faith routers tracked as CVE-2024-12856 to open reverse shells back to the attackers. The malicious ...