网络安全研究人员发现,网络犯罪分子正在利用Discord webhook作为替代性命令与控制(C2)通道,渗透主流编程语言生态系统。与传统C2服务器不同,webhook提供免费且隐蔽的数据外传渠道,能够完美隐藏在合法的HTTPS流量中。 过去一个月内,npm、PyPI和RubyGems平台上 ...
Security researchers at Sonatype have discovered today an npm package (JavaScript library) that contains malicious code designed to steal sensitive files from a user's browsers and Discord application ...
The npm security team has removed a malicious JavaScript library from the npm portal that was designed to steal sensitive files from an infected users' browser and Discord application. The malicious ...
一些您可能无法访问的结果已被隐去。
显示无法访问的结果
反馈