Skip to content
The Nexus
SECURITYJun 29 · 05:36 UTCTHE HACKER NEWS[email protected] (The Hacker News)

Hijacked npm and Go Packages Use VS Code Tasks to Deploy Python Infostealer

Cybersecurity researchers discovered hijacked npm and Go packages that deploy a Python-based information stealer using VS Code tasks on Windows, Linux, and macOS systems. The attack bypasses common npm execution paths to avoid detection by security measures like those in npm v12.

Nexus surfaces and summarizes. The full story lives at the source.

Mentioned
Spot something wrong with this article?Report a problem →
Forward this
Related Signal

Adjacent reporting