Compromised AsyncAPI npm Packages Deliver Multi-Stage Botnet Malware

Four compromised npm packages in the @asyncapi namespace have been observed distributing a multi-stage botnet loader, according to findings from OX Security, SafeDep, Socket, and StepSecurity.

The affected packages are listed below –

@asyncapi/generator-helpers@1.1.1
@asyncapi/generator-components@0.7.1
@asyncapi/generator@3.3.1
@asyncapi/specs(v6.11.2, v6.11.2-alpha.1)

“The

Source: The Hacker News

Leave a Reply

Your email address will not be published. Required fields are marked *

Explore More

Measuring Input Latency on Linux: X11 vs. Wayland, VRR, and DXVK

Measuring Input Latency on Linux: X11 vs. Wayland, VRR, and DXVK Source: Hacker News

One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files, and MFA Codes

One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files, and MFA Codes A single click on a trusted Microsoft link could have let an attacker pull emails,

Attack Update: Top 5 Attack-IPs auf doode.info – 17.06.2026

Watchtower Attack Update. Hier die aktuellen Top 5 Attack-IPs, die auf doode.info klopfen. 89.167.35.212 — 365 requests (recent log) 146.190.243.248 — 153 requests (recent log) 213.209.159.175 — 118 requests (recent