Malicious NPM Packages Deploy Cross-Platform Spyware

Security researchers have identified ten malicious npm packages that imitate legitimate software tools and infect systems across multiple platforms. These packages, hosted in the npm registry, deliver an information-stealing component that targets Windows, Linux, and macOS environments. Once installed, the malware collects sensitive data from affected devices, putting users and organizations at risk.

The malicious npm packages are distributed under deceptive project names that resemble trusted open-source libraries. This tactic enables attackers to evade detection and increases the likelihood of installation by unsuspecting developers. The infostealer component executes after download, harvesting credentials, system information, and other private data.

Users should exercise caution when selecting packages from public code repositories, particularly when working with lesser-known libraries. Developers are urged to verify the authenticity of packages before integration into projects.
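
One way to run a first-pass name check before installing, as an added example that is not from the original report: the script compares each dependency name in a manifest against an allowlist of packages the project intends to use and flags near-miss names for manual review. The allowlist, the sample manifest and the lookalike names in it are constructed for illustration.

```javascript
// Constructed allowlist of packages the project really intends to use.
const KNOWN_PACKAGES = ["express", "lodash", "typescript", "axios", "react"];

// Constructed sample manifest; "lodahs" and "type-script" are made-up lookalikes.
const SAMPLE_MANIFEST = {
  dependencies: { express: "^4.18.2", lodahs: "^4.17.21", "left-pad": "1.3.0" },
  devDependencies: { "type-script": "^5.4.0" },
};

// Lowercase and drop separators so "type-script" and "typescript" compare equal.
const normalize = (name) => name.toLowerCase().replace(/[-_.]/g, "");

// Levenshtein distance computed with a single rolling row.
function editDistance(a, b) {
  const row = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    let diag = row[0]; // value of row[j - 1] from the previous iteration of i
    row[0] = i;
    for (let j = 1; j <= b.length; j++) {
      const above = row[j];
      const cost = a[i - 1] === b[j - 1] ? 0 : 1;
      row[j] = Math.min(above + 1, row[j - 1] + 1, diag + cost);
      diag = above;
    }
  }
  return row[b.length];
}

// Return dependencies that are not on the allowlist but sit within
// maxDistance edits of an allowlisted name (closest match only).
function findLookalikes(manifest, known = KNOWN_PACKAGES, maxDistance = 2) {
  const names = Object.keys({ ...manifest.dependencies, ...manifest.devDependencies });
  const hits = [];
  for (const name of names) {
    if (known.includes(name)) continue; // exact allowlist match is fine
    let best = null;
    for (const k of known) {
      const distance = editDistance(normalize(name), normalize(k));
      if (distance <= maxDistance && (best === null || distance < best.distance)) {
        best = { name, resembles: k, distance };
      }
    }
    if (best) hits.push(best);
  }
  return hits;
}

console.table(findLookalikes(SAMPLE_MANIFEST));
```

A hit is a prompt to check the package's publisher, repository link and release history, since legitimate packages can also have names close to popular ones.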

For a full breakdown of the threat and detailed technical analysis, read the original report from BleepingComputer:
https://www.bleepingcomputer.com/news/security/malicious-npm-packages-fetch-infostealer-for-windows-linux-macos/
