NPM packages disguised as Roblox API code caught carrying ransomware

Subverted libraries likely intended as a prank but should be taken seriously, say security researchers

Yet another NPM library has turned up infected with malware. Security firm Sonatype on Wednesday said it had spotted two related malicious NPM libraries that were named so they might be mistaken for a popular legitimate module that serves as a Roblox API wrapper.…

Comments are closed.