
Malicious npm Packages Distribute Infostealer Targeting Multiple OSes
Security researchers from Phylum have discovered malicious npm packages that mimic popular projects such as "discord.js" and "axios". These packages download an infostealer component called "S1deload Stealer," which targets Windows, Linux, and macOS systems. The infostealer is capable of collecting a wide range of sensitive information, including browser credentials, cryptocurrency wallet data, and system information. The malicious packages were downloaded thousands of times before being detected and removed, indicating a significant potential impact. This incident highlights the growing threat of supply chain attacks in open-source ecosystems and the need for robust security measures. Organizations should regularly audit their dependencies, use tools to detect malicious code, and implement strict security policies for package management. Developers should be educated about the risks of dependency confusion and encouraged to follow best practices for secure coding.
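One concrete way to act on the "audit your dependencies" advice is to flag dependency names that closely resemble popular packages such as "axios" or "discord.js". The following is an added example, not code from Phylum or from the packages described above; the allow-list of popular names and the sample package.json are constructed for illustration, and the lookalike names in it are placeholders, not claims about real packages.

```javascript
// Added example: flag npm dependency names that closely resemble a short
// allow-list of popular packages. The allow-list and the sample manifest are
// constructed for illustration; the lookalike names are not real packages.

const POPULAR = ["axios", "discord.js", "express", "lodash", "react"];

// Standard Levenshtein edit distance (insert / delete / substitute), one-row form.
function editDistance(a, b) {
  const prev = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    let diag = prev[0];
    prev[0] = i;
    for (let j = 1; j <= b.length; j++) {
      const tmp = prev[j];
      const cost = a[i - 1] === b[j - 1] ? 0 : 1;
      prev[j] = Math.min(prev[j] + 1, prev[j - 1] + 1, diag + cost);
      diag = tmp;
    }
  }
  return prev[b.length];
}

// Drop a scope prefix and separators so "discord-js" and "discord.js" compare as equal.
function normalize(name) {
  return name.toLowerCase().replace(/^@[^/]+\//, "").replace(/[-_.]/g, "");
}

// Return [{ name, lookalikeOf, distance }] for every dependency whose normalised
// name is within `maxDistance` edits of a popular package but is not that package.
function findLookalikes(pkgJson, popular = POPULAR, maxDistance = 1) {
  const deps = { ...(pkgJson.dependencies || {}), ...(pkgJson.devDependencies || {}) };
  const hits = [];
  for (const name of Object.keys(deps)) {
    if (popular.includes(name)) continue; // exact match: the genuine package
    for (const p of popular) {
      const d = editDistance(normalize(name), normalize(p));
      if (d <= maxDistance) hits.push({ name, lookalikeOf: p, distance: d });
    }
  }
  return hits;
}

// Constructed package.json used to demonstrate the check.
const SAMPLE = {
  dependencies: { axios: "^1.6.0", axi0s: "1.0.0", "discord-js": "14.0.0" },
  devDependencies: { jest: "^29.0.0" },
};

console.log(findLookalikes(SAMPLE)); // flags "axi0s" and "discord-js", not "axios" or "jest"
```

In practice the allow-list would be the set of packages an organisation actually depends on plus the most-downloaded names on the registry, and any hit should be reviewed against the package's publisher and install scripts before the build proceeds.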