Dossier
vpmdhaj
Coverage of vpmdhaj in the Nexus archive.
- Lone attacker published 14 malicious npm packages mimicking popular OpenSearch, Elasticsearch libraries
A lone attacker published 14 malicious npm packages mimicking popular OpenSearch, Elasticsearch, and DevOps libraries, using typosquatting and metadata spoofing to steal cloud credentials and CI/CD secrets. Microsoft reported the attack, which involved a credential-harvesting payload and techniques like inflated version numbers to appear legitimate, with all packages later removed.