Tag: node.js

3 Attack Reports | 0 Vulnerabilities

Attack reports

Malicious Packages Identified in the Wild: Insights and Trends from November 2024 Onward

FortiGuard Labs has analyzed malicious software packages detected from November 2024 to March 2025, revealing various attack techniques used to exploit system vulnerabilities. Key findings include 1,082 packages with low file counts, 1,052 packages with suspicious install scripts, and 1,043 package…
obfuscation
python
typosquatting
node.js
backdoors
data exfiltration
vulnerability exploitation
2025-03-10
install scripts
software packages
Published: March 10, 2025
Downloadable IOCs: 11

NodeLoader Exposed: The Node.js Malware Evading Detection

Zscaler ThreatLabz discovered a malware campaign using Node.js applications for Windows to distribute cryptocurrency miners and information stealers. Named NodeLoader, this malware family employs Node.js compiled executables to deliver second-stage payloads like XMRig, Lumma, and Phemedrone Stealer…
social engineering
node.js
lumma stealer
evasion techniques
information stealers
2024-12-13
game streaming
cryptocurrency miners
nodeloader
Published: December 13, 2024
Downloadable IOCs: 0

Distribution of Infostealer Made With Electron

AhnLab Security Intelligence Center (ASEC) has discovered an Infostealer malware strain developed using the Electron framework, which allows the creation of applications using JavaScript, HTML, and CSS. The malware is distributed through Nullsoft Scriptable Install System (NSIS) installer format. O…
infostealer
javascript
node.js
electron
Published: April 30, 2024
Downloadable IOCs: 1
Click here to see more Attack Reports