Velora (formerly ParaSwap) SDK Version 9.4.1 Compromised And Installing Malware
The npm package @velora-dex/sdk version 9.4.1 contains malicious code that automatically downloads and executes a shell script from a remote server when the
Read the full articleYou might also wanna read
Cybersecurity Startup Publishes Infostealers to NPM
opensourcemalware.com·5h ago
The OpenSourceMalware Show #12
opensourcemalware.com·5h ago
PolinRider Jumps the Fence to Go, Packagist, npm, PyPI
opensourcemalware.com·1d ago
The OpenSourceMalware Show #11
opensourcemalware.com·7d ago
The OpenSourceMalware Show #10
opensourcemalware.com·14d ago
The OpenSourceMalware Show #9
opensourcemalware.com·21d ago
Comments
Sign in to join the conversation.
No comments yet. Be the first.