Four Malicious npm Packages Steal SSH Keys, Cloud Credentials, and Crypto Wallets

Four malicious npm packages capable of stealing SSH keys, cloud credentials, cryptocurrency wallets, and environment variables, while one variant quietly transforms infected machines into a DDoS botnet. The campaign appears to be the work of a single threat actor deploying multiple infostealer variants simultaneously through a coordinated typosquatting operation targeting Axios users. The four packages […] The post Four Malicious npm Packages Steal SSH Keys, Cloud Credentials, and Crypto Wallets appeared first on Cyber Security News.