Portsuppe

AsyncAPI npm packages infected with credential-stealing malware

BleepingComputer·4h·Media

Five malicious versions of AsyncAPI packages were published to the Node Package Manager (npm) in a supply-chain attack that delivered a remote access trojan with info-stealing capabilities. [...]

Categories cybersecurity · government-security · data-protection
Original source / advisory
Published
7/15/2026, 3:37:27 PM
Fetched
7/15/2026, 6:19:34 PM
Trust
media · 60/100
Language
en