Npm Trojan Bypasses UAC, Installs AnyDesk with “Oscompatible” Package
January 19, 2024 at 03:33AM A recently discovered malicious npm package “oscompatible” was found to deploy a sophisticated remote access trojan on compromised Windows machines. This attack highlights the increasing targeting of open-source software ecosystems and the risks associated with deprecated npm packages. The security firm Aqua revealed that 21.2% of top npm packages are … Read more