Malicious NPM Package Caught Stealing Users’ Saved Passwords From Browsers

A software package available from the official NPM repository has been revealed to be actually a front for a tool that’s designed to steal saved passwords from the Chrome web browser. The package in question, named “nodejs_net_server”

Read full article on The Hacker News