New npm Nightmare: 10 Malicious Packages Unleash Multi-OS Credential Chaos

Cybersecurity researchers have uncovered 10 malicious npm packages using typosquatting to deliver an information stealer that targets Windows, Linux, and macOS. These packages impersonate popular libraries, fool users with fake CAPTCHAs, and swipe credentials like they’re in a digital supermarket sweep. Stay alert and avoid these npm nasties!

Hot Take:

Move over, Hollywood heist movies! The real capers are happening in the digital realm where hackers are pulling off a heist with the finesse of a magician and the stealth of a ninja. Who knew npm packages could be so spicy?

Key Points:

  • Ten malicious npm packages were discovered, targeting multiple operating systems.
  • These packages use typosquatting to mimic popular npm libraries.
  • The malware employs four layers of obfuscation to cloak its operations.
  • It harvests credentials from system keyrings and browsers.
  • 9,900 downloads were recorded before detection.
