Attackers have poisoned a code package on the npm registry in a novel way, hiding credential-stealing malware in steganographic QR codes embedded in a package purporting to offer a JavaScript utility.
A newly-discovered malicious package with layers of obfuscation is disguised as a utility library, with malware essentially hiding in plain sight in embedded QR codes. QR codes are ubiquitous these ...
Add Popular Science (opens in a new tab) More information Adding us as a Preferred Source in Google by using this link indicates that you would like to see more of our content in Google News results.
Results that may be inaccessible to you are currently showing.
Hide inaccessible results