Unmasking the Troublemaker: 14 Malicious NPM Packages Revealed!

Unmasking the Troublemaker: 14 Malicious NPM Packages Revealed!

Troublemaker Packages: Sowing Chaos in the npm Registry

Sonatype cybersecurity researchers have detected a nefarious new batch of mischievous npm packages. These are no ordinary code depots, instead, they are double agents designed to steal Kubernetes configurations and SSH keys! They then ferry this crucial information from the compromised systems to a remote server, like James Bond with a nasty twist.

The Sneaky Fourteen

The researchers weren’t playing a game of cyber bingo; instead, they have, to date, identified 14 treacherous npm packages. The perpetrators behind these vile parcels are @am-fe/hooks, @am-fe/provider, @am-fe/request, @am-fe/utils, @am-fe/watermark, and @am-fe/watermark-core. With names like that, they remind me of the secret menu at a hipster coffee shop. But instead of giving you a caffeine kick, they could jack your system’s secrets!


Npm is like an unassuming JD Salinger novel blowing up with malicious intent; cyber booby traps laid by anti-heroes in this digital realm. Researchers have discovered 14 such malicious packages in the npm registry. These tricky code-encrusted devices are made to snatch Kubernetes configurations and SSH keys from machines they contaminate. Post contamination, they discreetly dispatch the stolen information to a remote server – the climax of their undercover operations. However, not all is lost. Thanks to the vigilant cybersecurity experts at Sonatype, we now know their identities – these packages are all under the “@am-fe” alias. Beware and tread cautiously in this murky realm!

Original Article: https://thehackernews.com/2023/09/fresh-wave-of-malicious-npm-packages.html


Your Cart Is Empty

No products in the cart.