This article has been indexed from The Hacker News
Three JavaScript libraries uploaded to the official NPM package repository have been unmasked as crypto-mining malware, once again demonstrating how open-source software package repositories are becoming a lucrative target for executing an array of attacks on Windows, macOS, and Linux systems.
The malicious packages in question — named okhsa, klow, and klown — were published by the same
Read the original article: Malicious NPM Packages Caught Running Cryptominer On Windows, Linux, macOS Devices