{"id":11315,"date":"2023-05-01T10:41:13","date_gmt":"2023-05-01T10:41:13","guid":{"rendered":"https:\/\/khaleej-trend.online\/eng\/?p=11315"},"modified":"2023-05-01T10:41:13","modified_gmt":"2023-05-01T10:41:13","slug":"npm-packages-face-an-influx-of-malware-akashtdr","status":"publish","type":"post","link":"https:\/\/khaleej-trend.online\/eng\/npm-packages-face-an-influx-of-malware-akashtdr\/","title":{"rendered":"npm packages face an influx of malware akashtdr"},"content":{"rendered":"<div id=\"khale-7552342\" class=\"khale-- khale-entity-placement\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-9610686647069611\" crossorigin=\"anonymous\"><\/script><ins class=\"adsbygoogle\" style=\"display:block;\" data-ad-client=\"ca-pub-9610686647069611\" \ndata-ad-slot=\"1846615391\" \ndata-ad-format=\"auto\"><\/ins>\n<script> \n(adsbygoogle = window.adsbygoogle || []).push({}); \n<\/script>\n<\/div><div id=\"khale-3753717375\" class=\"khale-before-content khale-entity-placement\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-9610686647069611\" crossorigin=\"anonymous\"><\/script><ins class=\"adsbygoogle\" style=\"display:block;\" data-ad-client=\"ca-pub-9610686647069611\" \ndata-ad-slot=\"1846615391\" \ndata-ad-format=\"auto\"><\/ins>\n<script> \n(adsbygoogle = window.adsbygoogle || []).push({}); \n<\/script>\n<\/div><p><a href=\"https:\/\/khaleej-trend.online\/eng\/\">Kworld Trend<\/a> \/ npm packages face an influx of malware akashtdr, Attackers use increasingly malicious JavaScript packages to steal data, engage in cryptojacking and unleash botnets, providing a broad supply chain attack surface for threat actors.<\/p><div id=\"khale-843595379\" class=\"khale-- khale-entity-placement\" style=\"margin-left: auto;margin-right: auto;text-align: center;\"><script async src=\"\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-9610686647069611\" crossorigin=\"anonymous\"><\/script><ins class=\"adsbygoogle\" style=\"display:block;\" data-ad-client=\"ca-pub-9610686647069611\" \ndata-ad-slot=\"1846615391\" \ndata-ad-format=\"auto\"><\/ins>\n<script> \n(adsbygoogle = window.adsbygoogle || []).push({}); \n<\/script>\n<\/div>\n<div class=\"c-article__content js-reading-content\">\n<p><span style=\"vertical-align: inherit;\">More than 1,300 malicious packages have been identified in the most downloaded JavaScript package repository used by developers, npm, in the past six months &#8211; a rapid increase that illustrates how npm has become a launching pad for a range of nefarious activities.<\/span><\/p>\n<p><span style=\"vertical-align: inherit;\">New research by open source security and management company WhiteSource has discovered an alarming increase in the delivery of malicious npm packages, which are used as building blocks for web applications. Any application that uses a malicious code block can introduce data theft, cryptocurrency, botnet delivery, and more to its users.<\/span><\/p>\n<p dir=\"ltr\"><span style=\"vertical-align: inherit;\">Of the malicious packages found, the company said, 14 percent were designed to steal sensitive information such as credentials, while nearly 82 percent of those packages performed &#8220;scanning,&#8221; which involved adversaries actively or passively collecting information. Can be used to support targeting. .<\/span><\/p>\n<h2 dir=\"ltr\">npm packages face an influx of malware akashtdr<\/h2>\n<p dir=\"ltr\"><span style=\"vertical-align: inherit;\">Because npm packages in general are downloaded more than 20 billion times a week \u2014 and thus installed across countless web-facing software components and applications around the world \u2014 exploiting them means plenty of room for attackers to play, the researchers said in a report Wednesday. . An average of 32,000 new package releases are published per minute each month (17,000 per day), and 68 percent of developers rely on it to create rich online functionality, according to WhiteSource.<\/span><\/p>\n<p><span style=\"vertical-align: inherit;\">The researchers said that this level of activity enables threat actors to launch a number of software supply chain attacks. Accordingly, WhiteSource investigated malicious activity in npm, identifying more than 1,300 malicious packages in 2021 &#8211; which were subsequently removed, but may have entered any number of applications prior to their removal.<\/span><\/p>\n<p><span style=\"vertical-align: inherit;\">&#8220;Attackers are focusing more efforts on using npm for their own nefarious purposes and targeting the software supply chain with npm,&#8221; they wrote in the report. \u201cIn these supply chain attacks, adversaries shift their attacks upstream by infecting existing components that are distributed downstream and potentially installed millions of times over.\u201d<\/span><\/p>\n<p><span style=\"vertical-align: inherit;\">To boot, with so many npm packages released per month, it&#8217;s also easy for vulnerabilities to slip through the holes, the researchers noted.<\/span><\/p>\n<h2><strong><span style=\"vertical-align: inherit;\">Why npm attack?<\/span><\/strong><\/h2>\n<p><span style=\"vertical-align: inherit;\">JavaScript is the most widely used programming language, and there are about 16.4 million JavaScript developers globally, according to WhiteSource.<\/span><\/p>\n<p><span style=\"vertical-align: inherit;\">Its widespread use and deployment across applications and systems that use the Internet make the JavaScript ecosystem a prime target for attackers, the researchers said. The researchers said that Npm itself is one of the most popular package and registry managers, with more than 1.8 million active packages, each with an average of 12.3 versions.<\/span><\/p>\n<p><span style=\"vertical-align: inherit;\">Package registries like npm also store packages, their associated metadata, and the configurations needed to install them &#8211; all of which are attack vectors, which makes it difficult for IT to keep up with packages, especially when the need to keep track of package versions is factored in.<\/span><\/p>\n<p><span style=\"vertical-align: inherit;\">Furthermore, although npm and other registries play an essential role in the JavaScript development process, &#8220;there are minimal security standards associated with them&#8221; because most of them are maintained and verified by open source communities or consortia, the researchers said. This makes it ripe for exploitation by attackers, according to <em>WhiteSource<\/em>. npm packages face an influx of malware akashtdr<\/span><\/p>\n<h4>Cont<\/h4>\n<p><span style=\"vertical-align: inherit;\">In fact, attackers are taking advantage of the malicious opportunity that npm presents and have already targeted its popular registries in several high-profile attacks last year.<\/span><\/p>\n<p><span style=\"vertical-align: inherit;\">In January, attackers used npm to spread CursedGrabber malware that can steal Discord tokens and thus enable attacks on user accounts and servers. Then in July, researchers discovered a malicious npm package that was stealing passwords via Chrome&#8217;s account recovery tool.<\/span><\/p>\n<p><span style=\"vertical-align: inherit;\">In December, attackers used npm to target Discord again, hiding malicious code inside a package manager to harvest Discord tokens that could be used to take over unsuspecting users&#8217; accounts and servers.<\/span><\/p>\n<h3><span style=\"vertical-align: inherit;\">What is npm and why is it important?<\/span><\/h3>\n<p><span style=\"vertical-align: inherit;\">By the end of 2022, there will be more than two billion websites on the Internet, and this number is expected to continue to grow exponentially, given that 252,000 new websites are created every day. Approximately 98 percent of these sites use JavaScript, a programming language known for its popularity, speed, strong documentation, and interoperability with other programming languages.<\/span><\/p>\n<p><span style=\"vertical-align: inherit;\">According to the Stack Overflow 2020 Developer Survey, for the eighth year in a row, JavaScript is <\/span><br \/>\n<span style=\"vertical-align: inherit;\">the most used programming language globally. 67.7% of respondents use it. With an estimated worldwide developer community of 24.3 million active software developers &#8211; that&#8217;s over 16.4 million developers.<\/span><\/p>\n<p><span style=\"vertical-align: inherit;\">However, even as developers increasingly rely on JavaScript to create rich online functionality, the JavaScript ecosystem <\/span><span style=\"vertical-align: inherit;\">is under constant attack from malicious actors. A common attack method is to install JavaScript packages <\/span><span style=\"vertical-align: inherit;\">using various package managers, which are tools that automatically handle project dependencies.\u00a0 npm packages face an influx of malware akashtdr<\/span><\/p>\n<h2><strong><span style=\"vertical-align: inherit;\">Malware and its common targets and effects<\/span><\/strong><\/h2>\n<p><span style=\"vertical-align: inherit;\">WhiteSource researchers identified some of the most common malware hidden in malicious npm packages they observed in the report, with payloads that can steal credentials or encryption and run botnets among the top offenders.<\/span><\/p>\n<p><span style=\"vertical-align: inherit;\">Some of the malicious packages and their functionality identified by WhiteSource in their investigation include:<\/span><\/p>\n<ul>\n<li><strong><span style=\"vertical-align: inherit;\">mos-sass-loader and css-resources-loader<\/span><\/strong><span style=\"vertical-align: inherit;\"> , which share brandjacking for remote code execution (RCE);<\/span><\/li>\n<li><strong><span style=\"vertical-align: inherit;\">Admin Circle web app and browser warning UI<\/span><\/strong><span style=\"vertical-align: inherit;\"> , which identifies external packages including malware for download;<\/span><\/li>\n<li><strong><span style=\"vertical-align: inherit;\">grubhubprod_cookbook<\/span><\/strong><span style=\"vertical-align: inherit;\"> , which gets into dependency confusion with the aim of entering Grubhub company data<\/span><\/li>\n<li><strong><span style=\"vertical-align: inherit;\">H98dx<\/span><\/strong><span style=\"vertical-align: inherit;\"> , a remote executable shell that runs on install to infect the device; And<\/span><\/li>\n<li><strong><span style=\"vertical-align: inherit;\">azure-web-pubsub-express<\/span><\/strong><span style=\"vertical-align: inherit;\"> , which enables data aggregation that collects host information.<\/span><\/li>\n<\/ul>\n<p><span style=\"vertical-align: inherit;\">The researchers also described a supply chain attack they observed in October using a popular npm library, ua-parser-js, which is used to parse user agent strings to identify a user&#8217;s browser, operating system, device, and other attributes. They said the library has more than 7 million downloads per week.<\/span><\/p>\n<h4>Cont<\/h4>\n<p><span style=\"vertical-align: inherit;\">The researchers explain that threat actors used ua-parser-js to leverage the software supply chain and gain access to sensitive data, as well as vulnerable enterprise resources in the cloud.<\/span><\/p>\n<p><span style=\"vertical-align: inherit;\">&#8220;The attackers inserted malicious code in three copies of ua-parser-js after apparently taking over the developer&#8217;s npm account,&#8221; the researchers wrote. Three new versions of this package have been released in an effort to get users to download it.<\/span><\/p>\n<p><span style=\"vertical-align: inherit;\">While the previous clean version of the package was 0.7.28, the attacker deployed identical 0.7.29, 0.8.0, and 1.0.0 packages, &#8220;each containing malicious code activated upon installation,&#8221; they explain.<\/span><\/p>\n<p><span style=\"vertical-align: inherit;\">The researchers added that the author of the package responded quickly to mitigate the attacks and try to reduce the number of people who inadvertently installed a malicious package by publishing 0.7.30, 0.8.1 and 1.0.1.<\/span><\/p>\n<p><span style=\"vertical-align: inherit;\">Researchers have concluded that developers should be particularly vigilant when downloading npm packages on weekends, because it is the most time of the week when attackers release malicious packages. They said this is likely because they are understaffed and therefore online, making it easier for their activity to go unnoticed. npm packages face an influx of malware akashtdr<\/span><\/p>\n<\/div>\n<h3><span style=\"vertical-align: inherit;\">comments<\/span><\/h3>\n<p><span style=\"vertical-align: inherit;\">JFrog researchers wrote:<\/span><\/p>\n<blockquote><p><span style=\"vertical-align: inherit;\">The obfuscated version of the code is enormous: more than 4,000 lines of unreadable code, which contains every possible method of obfuscation: malformed variable names, encrypted strings, code flattening and reflexive function calls:<\/span><\/p>\n<p><span style=\"vertical-align: inherit;\">Through manual analysis and scripting, we were able to decompile the package and reveal that its final payload is quite straightforward &#8211; the payload simply loops through known browsers&#8217; local storage folders (and Discord-specific folders), then searches for strings that look like Discord code using a regular expression. Any found token is sent back via HTTP POST to the static server https:\/\/aba45cf.glitch.me\/polarlindo.<\/span><\/p><\/blockquote>\n<p><span style=\"vertical-align: inherit;\">Another package called fix-error claimed to fix bugs in the &#8220;selfbot&#8221; discord. It also contained malicious code that had been obfuscated, but in this case, it was easier for the researchers to decipher. Researchers soon determined that the hidden code was a stolen copy of PirateStealer\u00a0 <\/span><a href=\"https:\/\/github.com\/Stanley-GF\/PirateStealer\" data-uri=\"a04bddb7f49265290893fce4bbe8b783\"><span style=\"vertical-align: inherit;\">,<\/span><\/a><span style=\"vertical-align: inherit;\"> an app that steals credit card information, login credentials, and other private data stored in the Discord client. It works by injecting malicious Javascript code into the Discord client. The token then &#8220;sies&#8221; on the user and sends the stolen information to an encrypted address.<\/span><\/p>\n<p><span style=\"vertical-align: inherit;\">The third example is prerequests-xcode, which is a package that contains the functions of a remote access trojan. The researchers wrote:<\/span><\/p>\n<blockquote><p><span style=\"vertical-align: inherit;\">Upon examining the package&#8217;s code, we discovered that it contains a Node.JS port of <\/span><br \/>\n<a href=\"https:\/\/github.com\/Sp00p64\/DiscordRAT\" data-uri=\"02d20e46ef73878a62b6a8bc666cd955\"><span style=\"vertical-align: inherit;\">DiscordRAT<\/span><\/a><span style=\"vertical-align: inherit;\"> (originally written in Python) that gives the attacker complete control over the victim&#8217;s machine. Malware is masked with the\u00a0 <\/span><span style=\"vertical-align: inherit;\">popular online tool <\/span><a href=\"https:\/\/obfuscator.io\/\" data-uri=\"ccae5c63024ea06dbe5a6fd1a28fe439\"><span style=\"vertical-align: inherit;\">obfuscator.io , but in this case it is enough to examine the list of available commands to understand the functions of RAT (literally copy).<\/span><\/a><\/p><\/blockquote>\n<div id=\"khale-306456304\" class=\"khale-after-content khale-entity-placement\"><script async src=\"https:\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-9610686647069611\"\r\n     crossorigin=\"anonymous\"><\/script>\r\n<ins class=\"adsbygoogle\"\r\n     style=\"display:block\"\r\n     data-ad-format=\"autorelaxed\"\r\n     data-ad-client=\"ca-pub-9610686647069611\"\r\n     data-ad-slot=\"3780750108\"><\/ins>\r\n<script>\r\n     (adsbygoogle = window.adsbygoogle || []).push({});\r\n<\/script><\/div>","protected":false},"excerpt":{"rendered":"<p>Kworld Trend \/ npm packages face an influx of malware akashtdr, Attackers use increasingly malicious JavaScript packages to steal data, engage in cryptojacking and unleash botnets, providing a broad supply chain attack surface for threat actors. More than 1,300 malicious packages have been identified in the most downloaded JavaScript package repository used by developers, npm, &hellip;<\/p>\n","protected":false},"author":14,"featured_media":11316,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[86],"tags":[12686,12685,12684],"class_list":["post-11315","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","tag-npm-packages-face-an-influx","tag-npm-packages-face-an-influx-of-malware","tag-npm-packages-face-an-influx-of-malware-akashtdr"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>npm packages face an influx of malware akashtdr - kworld trend<\/title>\n<meta name=\"description\" content=\"npm packages face an influx of malware akashtdr, Attackers use increasingly malicious JavaScript packages to steal data, engage in\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/khaleej-trend.online\/eng\/npm-packages-face-an-influx-of-malware-akashtdr\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"npm packages face an influx of malware akashtdr - kworld trend\" \/>\n<meta property=\"og:description\" content=\"npm packages face an influx of malware akashtdr, Attackers use increasingly malicious JavaScript packages to steal data, engage in\" \/>\n<meta property=\"og:url\" content=\"https:\/\/khaleej-trend.online\/eng\/npm-packages-face-an-influx-of-malware-akashtdr\/\" \/>\n<meta property=\"og:site_name\" content=\"kworld trend\" \/>\n<meta property=\"article:published_time\" content=\"2023-05-01T10:41:13+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/khaleej-trend.online\/eng\/wp-content\/uploads\/2023\/05\/npm-packages-face-an-influx-of-malware-akashtdr.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1201\" \/>\n\t<meta property=\"og:image:height\" content=\"602\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"fady2023\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"fady2023\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/khaleej-trend.online\\\/eng\\\/npm-packages-face-an-influx-of-malware-akashtdr\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/khaleej-trend.online\\\/eng\\\/npm-packages-face-an-influx-of-malware-akashtdr\\\/\"},\"author\":{\"name\":\"fady2023\",\"@id\":\"https:\\\/\\\/khaleej-trend.online\\\/eng\\\/#\\\/schema\\\/person\\\/7df2c315ab850ba5562fc3f2c7488bfa\"},\"headline\":\"npm packages face an influx of malware akashtdr\",\"datePublished\":\"2023-05-01T10:41:13+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/khaleej-trend.online\\\/eng\\\/npm-packages-face-an-influx-of-malware-akashtdr\\\/\"},\"wordCount\":1457,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/khaleej-trend.online\\\/eng\\\/#\\\/schema\\\/person\\\/f6ad643a7680ed9db4f2dff3b371363c\"},\"image\":{\"@id\":\"https:\\\/\\\/khaleej-trend.online\\\/eng\\\/npm-packages-face-an-influx-of-malware-akashtdr\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/khaleej-trend.online\\\/eng\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/npm-packages-face-an-influx-of-malware-akashtdr.jpg\",\"keywords\":[\"npm packages face an influx\",\"npm packages face an influx of malware\",\"npm packages face an influx of malware akashtdr\"],\"articleSection\":[\"news\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/khaleej-trend.online\\\/eng\\\/npm-packages-face-an-influx-of-malware-akashtdr\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/khaleej-trend.online\\\/eng\\\/npm-packages-face-an-influx-of-malware-akashtdr\\\/\",\"url\":\"https:\\\/\\\/khaleej-trend.online\\\/eng\\\/npm-packages-face-an-influx-of-malware-akashtdr\\\/\",\"name\":\"npm packages face an influx of malware akashtdr - kworld trend\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/khaleej-trend.online\\\/eng\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/khaleej-trend.online\\\/eng\\\/npm-packages-face-an-influx-of-malware-akashtdr\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/khaleej-trend.online\\\/eng\\\/npm-packages-face-an-influx-of-malware-akashtdr\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/khaleej-trend.online\\\/eng\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/npm-packages-face-an-influx-of-malware-akashtdr.jpg\",\"datePublished\":\"2023-05-01T10:41:13+00:00\",\"description\":\"npm packages face an influx of malware akashtdr, Attackers use increasingly malicious JavaScript packages to steal data, engage in\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/khaleej-trend.online\\\/eng\\\/npm-packages-face-an-influx-of-malware-akashtdr\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/khaleej-trend.online\\\/eng\\\/npm-packages-face-an-influx-of-malware-akashtdr\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/khaleej-trend.online\\\/eng\\\/npm-packages-face-an-influx-of-malware-akashtdr\\\/#primaryimage\",\"url\":\"https:\\\/\\\/khaleej-trend.online\\\/eng\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/npm-packages-face-an-influx-of-malware-akashtdr.jpg\",\"contentUrl\":\"https:\\\/\\\/khaleej-trend.online\\\/eng\\\/wp-content\\\/uploads\\\/2023\\\/05\\\/npm-packages-face-an-influx-of-malware-akashtdr.jpg\",\"width\":1201,\"height\":602,\"caption\":\"npm packages face an influx of malware akashtdr\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/khaleej-trend.online\\\/eng\\\/npm-packages-face-an-influx-of-malware-akashtdr\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/khaleej-trend.online\\\/eng\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"npm packages face an influx of malware akashtdr\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/khaleej-trend.online\\\/eng\\\/#website\",\"url\":\"https:\\\/\\\/khaleej-trend.online\\\/eng\\\/\",\"name\":\"kworld trend\",\"description\":\"site care about apps and trends\",\"publisher\":{\"@id\":\"https:\\\/\\\/khaleej-trend.online\\\/eng\\\/#\\\/schema\\\/person\\\/f6ad643a7680ed9db4f2dff3b371363c\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/khaleej-trend.online\\\/eng\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\\\/\\\/khaleej-trend.online\\\/eng\\\/#\\\/schema\\\/person\\\/f6ad643a7680ed9db4f2dff3b371363c\",\"name\":\"hasadwan2020\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/khaleej-trend.online\\\/eng\\\/wp-content\\\/uploads\\\/2022\\\/11\\\/cropped-download.jpg\",\"url\":\"https:\\\/\\\/khaleej-trend.online\\\/eng\\\/wp-content\\\/uploads\\\/2022\\\/11\\\/cropped-download.jpg\",\"contentUrl\":\"https:\\\/\\\/khaleej-trend.online\\\/eng\\\/wp-content\\\/uploads\\\/2022\\\/11\\\/cropped-download.jpg\",\"width\":512,\"height\":512,\"caption\":\"hasadwan2020\"},\"logo\":{\"@id\":\"https:\\\/\\\/khaleej-trend.online\\\/eng\\\/wp-content\\\/uploads\\\/2022\\\/11\\\/cropped-download.jpg\"},\"sameAs\":[\"https:\\\/\\\/khaleej-trend.online\\\/eng\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/khaleej-trend.online\\\/eng\\\/#\\\/schema\\\/person\\\/7df2c315ab850ba5562fc3f2c7488bfa\",\"name\":\"fady2023\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/76c010ce04269635108a255c024cb7773107bc7b4682e75046ef4f539728c9eb?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/76c010ce04269635108a255c024cb7773107bc7b4682e75046ef4f539728c9eb?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/76c010ce04269635108a255c024cb7773107bc7b4682e75046ef4f539728c9eb?s=96&d=mm&r=g\",\"caption\":\"fady2023\"},\"url\":\"https:\\\/\\\/khaleej-trend.online\\\/eng\\\/author\\\/fady2023\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"npm packages face an influx of malware akashtdr - kworld trend","description":"npm packages face an influx of malware akashtdr, Attackers use increasingly malicious JavaScript packages to steal data, engage in","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/khaleej-trend.online\/eng\/npm-packages-face-an-influx-of-malware-akashtdr\/","og_locale":"en_US","og_type":"article","og_title":"npm packages face an influx of malware akashtdr - kworld trend","og_description":"npm packages face an influx of malware akashtdr, Attackers use increasingly malicious JavaScript packages to steal data, engage in","og_url":"https:\/\/khaleej-trend.online\/eng\/npm-packages-face-an-influx-of-malware-akashtdr\/","og_site_name":"kworld trend","article_published_time":"2023-05-01T10:41:13+00:00","og_image":[{"width":1201,"height":602,"url":"https:\/\/khaleej-trend.online\/eng\/wp-content\/uploads\/2023\/05\/npm-packages-face-an-influx-of-malware-akashtdr.jpg","type":"image\/jpeg"}],"author":"fady2023","twitter_card":"summary_large_image","twitter_misc":{"Written by":"fady2023","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/khaleej-trend.online\/eng\/npm-packages-face-an-influx-of-malware-akashtdr\/#article","isPartOf":{"@id":"https:\/\/khaleej-trend.online\/eng\/npm-packages-face-an-influx-of-malware-akashtdr\/"},"author":{"name":"fady2023","@id":"https:\/\/khaleej-trend.online\/eng\/#\/schema\/person\/7df2c315ab850ba5562fc3f2c7488bfa"},"headline":"npm packages face an influx of malware akashtdr","datePublished":"2023-05-01T10:41:13+00:00","mainEntityOfPage":{"@id":"https:\/\/khaleej-trend.online\/eng\/npm-packages-face-an-influx-of-malware-akashtdr\/"},"wordCount":1457,"commentCount":0,"publisher":{"@id":"https:\/\/khaleej-trend.online\/eng\/#\/schema\/person\/f6ad643a7680ed9db4f2dff3b371363c"},"image":{"@id":"https:\/\/khaleej-trend.online\/eng\/npm-packages-face-an-influx-of-malware-akashtdr\/#primaryimage"},"thumbnailUrl":"https:\/\/khaleej-trend.online\/eng\/wp-content\/uploads\/2023\/05\/npm-packages-face-an-influx-of-malware-akashtdr.jpg","keywords":["npm packages face an influx","npm packages face an influx of malware","npm packages face an influx of malware akashtdr"],"articleSection":["news"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/khaleej-trend.online\/eng\/npm-packages-face-an-influx-of-malware-akashtdr\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/khaleej-trend.online\/eng\/npm-packages-face-an-influx-of-malware-akashtdr\/","url":"https:\/\/khaleej-trend.online\/eng\/npm-packages-face-an-influx-of-malware-akashtdr\/","name":"npm packages face an influx of malware akashtdr - kworld trend","isPartOf":{"@id":"https:\/\/khaleej-trend.online\/eng\/#website"},"primaryImageOfPage":{"@id":"https:\/\/khaleej-trend.online\/eng\/npm-packages-face-an-influx-of-malware-akashtdr\/#primaryimage"},"image":{"@id":"https:\/\/khaleej-trend.online\/eng\/npm-packages-face-an-influx-of-malware-akashtdr\/#primaryimage"},"thumbnailUrl":"https:\/\/khaleej-trend.online\/eng\/wp-content\/uploads\/2023\/05\/npm-packages-face-an-influx-of-malware-akashtdr.jpg","datePublished":"2023-05-01T10:41:13+00:00","description":"npm packages face an influx of malware akashtdr, Attackers use increasingly malicious JavaScript packages to steal data, engage in","breadcrumb":{"@id":"https:\/\/khaleej-trend.online\/eng\/npm-packages-face-an-influx-of-malware-akashtdr\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/khaleej-trend.online\/eng\/npm-packages-face-an-influx-of-malware-akashtdr\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/khaleej-trend.online\/eng\/npm-packages-face-an-influx-of-malware-akashtdr\/#primaryimage","url":"https:\/\/khaleej-trend.online\/eng\/wp-content\/uploads\/2023\/05\/npm-packages-face-an-influx-of-malware-akashtdr.jpg","contentUrl":"https:\/\/khaleej-trend.online\/eng\/wp-content\/uploads\/2023\/05\/npm-packages-face-an-influx-of-malware-akashtdr.jpg","width":1201,"height":602,"caption":"npm packages face an influx of malware akashtdr"},{"@type":"BreadcrumbList","@id":"https:\/\/khaleej-trend.online\/eng\/npm-packages-face-an-influx-of-malware-akashtdr\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/khaleej-trend.online\/eng\/"},{"@type":"ListItem","position":2,"name":"npm packages face an influx of malware akashtdr"}]},{"@type":"WebSite","@id":"https:\/\/khaleej-trend.online\/eng\/#website","url":"https:\/\/khaleej-trend.online\/eng\/","name":"kworld trend","description":"site care about apps and trends","publisher":{"@id":"https:\/\/khaleej-trend.online\/eng\/#\/schema\/person\/f6ad643a7680ed9db4f2dff3b371363c"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/khaleej-trend.online\/eng\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"https:\/\/khaleej-trend.online\/eng\/#\/schema\/person\/f6ad643a7680ed9db4f2dff3b371363c","name":"hasadwan2020","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/khaleej-trend.online\/eng\/wp-content\/uploads\/2022\/11\/cropped-download.jpg","url":"https:\/\/khaleej-trend.online\/eng\/wp-content\/uploads\/2022\/11\/cropped-download.jpg","contentUrl":"https:\/\/khaleej-trend.online\/eng\/wp-content\/uploads\/2022\/11\/cropped-download.jpg","width":512,"height":512,"caption":"hasadwan2020"},"logo":{"@id":"https:\/\/khaleej-trend.online\/eng\/wp-content\/uploads\/2022\/11\/cropped-download.jpg"},"sameAs":["https:\/\/khaleej-trend.online\/eng"]},{"@type":"Person","@id":"https:\/\/khaleej-trend.online\/eng\/#\/schema\/person\/7df2c315ab850ba5562fc3f2c7488bfa","name":"fady2023","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/76c010ce04269635108a255c024cb7773107bc7b4682e75046ef4f539728c9eb?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/76c010ce04269635108a255c024cb7773107bc7b4682e75046ef4f539728c9eb?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/76c010ce04269635108a255c024cb7773107bc7b4682e75046ef4f539728c9eb?s=96&d=mm&r=g","caption":"fady2023"},"url":"https:\/\/khaleej-trend.online\/eng\/author\/fady2023\/"}]}},"_links":{"self":[{"href":"https:\/\/khaleej-trend.online\/eng\/wp-json\/wp\/v2\/posts\/11315","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/khaleej-trend.online\/eng\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/khaleej-trend.online\/eng\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/khaleej-trend.online\/eng\/wp-json\/wp\/v2\/users\/14"}],"replies":[{"embeddable":true,"href":"https:\/\/khaleej-trend.online\/eng\/wp-json\/wp\/v2\/comments?post=11315"}],"version-history":[{"count":1,"href":"https:\/\/khaleej-trend.online\/eng\/wp-json\/wp\/v2\/posts\/11315\/revisions"}],"predecessor-version":[{"id":11317,"href":"https:\/\/khaleej-trend.online\/eng\/wp-json\/wp\/v2\/posts\/11315\/revisions\/11317"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/khaleej-trend.online\/eng\/wp-json\/wp\/v2\/media\/11316"}],"wp:attachment":[{"href":"https:\/\/khaleej-trend.online\/eng\/wp-json\/wp\/v2\/media?parent=11315"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/khaleej-trend.online\/eng\/wp-json\/wp\/v2\/categories?post=11315"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/khaleej-trend.online\/eng\/wp-json\/wp\/v2\/tags?post=11315"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}