Tag: token hijacking

Malware Worm Exploits npm Packages to Hijack Developer Tokens

Meet CanisterSprawl, a sneaky self-propagating worm that's compromising npm packages and using stolen developer tokens to spread its reach. This malware goes beyond just stealing credentials, turning one infected environment into a web of additional package compromises.