Malicious Rspack, Vant packages published using stolen NPM tokens

Malicious Rspack, Vant packages published using stolen NPM tokens










Three popular npm packages, @rspack/core, @rspack/cli, and Vant, were compromised through stolen npm account tokens, allowing threat actors to publish malicious versions that installed cryptominers. […]






Bill Toulas





Go to bleepingcomputer





Posted

in

, ,

by