{"id":4214,"date":"2025-05-27T07:00:20","date_gmt":"2025-05-27T07:00:20","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2025\/05\/27\/over-70-malicious-npm-and-vs-code-html\/"},"modified":"2025-05-27T07:00:20","modified_gmt":"2025-05-27T07:00:20","slug":"over-70-malicious-npm-and-vs-code-html","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2025\/05\/27\/over-70-malicious-npm-and-vs-code-html\/","title":{"rendered":"Over 70 Malicious npm and VS Code Packages Found Stealing Data and Crypto"},"content":{"rendered":"<p>    Over 70 Malicious npm and VS Code Packages Found Stealing Data and Crypto<br \/>\n \t<BR><br \/>\n<BR><\/BR><br \/>\n    <!-- no image --><br \/>\n \t<BR><br \/>\n<BR><\/BR><\/p>\n<div>As many as 60 malicious npm packages have been discovered in the package registry with malicious functionality to harvest hostnames, IP addresses, DNS servers, and user directories to a Discord-controlled endpoint.<br \/>\nThe packages, published under three different accounts, come with an install\u2011time script that&#8217;s triggered during npm install, Socket security researcher Kirill Boychenko said in a<\/div>\n<p> \t<BR><br \/>\n <BR><\/BR><\/p>\n<p> \t<BR><br \/>\n<BR><\/BR><br \/>\n<a href=\"https:\/\/thehackernews.com\/2025\/05\/over-70-malicious-npm-and-vs-code.html\">Go to TheHackersNews<\/a><br \/>\n \t<BR><br \/>\n <BR><\/BR><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Over 70 Malicious npm and VS Code Packages Found Stealing Data and Crypto As many as 60 malicious npm packages have been discovered in the package registry with malicious functionality to harvest hostnames, IP addresses, DNS servers, and user directories to a Discord-controlled endpoint. The packages, published under three different accounts, come with an install\u2011time [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[60],"tags":[76],"class_list":["post-4214","post","type-post","status-publish","format-standard","hentry","category-thehackersnews","tag-thehackersnews"],"_links":{"self":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/4214"}],"collection":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/comments?post=4214"}],"version-history":[{"count":0,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/4214\/revisions"}],"wp:attachment":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/media?parent=4214"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/categories?post=4214"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/tags?post=4214"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}