|
|
|
|
|
|
by abhisek
425 days ago
|
|
|
We run similar npm package monitors. The use of exotic tld domains such as 0x9c.xyz kind of gave it away because YARA Forge rules have native signatures to detect such domains. It will be interesting t explore how the project got compromised and malicious packages published to the registry. |
|
|