
Researchers Uncover Malicious npm Packages Mimicking Telegram Bot Library
Cybersecurity, npm, Malware, Telegram, Linux, Supply Chain, Data Exfiltration, SSH Backdoors
Cybersecurity researchers have discovered three malicious packages in the npm registry that masquerade as a popular Telegram bot library but contain SSH backdoors and data exfiltration capabilities. The affected packages are node-telegram-utils (132 downloads), node-telegram-bots-api (82 downloads), and node-telegram-util (73 downloads). The packages are a supply chain attack aimed at Linux systems.
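To check whether a project pulled in any of the three packages named above, directly or transitively, the following added example (not code from the researchers or from npm) scans a parsed package-lock.json in either the nested v1 layout or the flat v2/v3 layout. The function names, the sample lockfile and its version strings are constructed for illustration.

```javascript
// Package names reported as malicious on this page.
const MALICIOUS = new Set([
  "node-telegram-utils",
  "node-telegram-bots-api",
  "node-telegram-util",
]);

// Lockfile v2/v3 key "node_modules/a/node_modules/@s/b" -> package name "@s/b".
function nameFromKey(key) {
  const i = key.lastIndexOf("node_modules/");
  return i === -1 ? "" : key.slice(i + "node_modules/".length);
}

// Lockfile v1 nests transitive packages under "dependencies"; walk the tree.
function walkV1(deps, trail, hits) {
  for (const [name, info] of Object.entries(deps || {})) {
    const via = [...trail, name].join(" > ");
    if (MALICIOUS.has(name)) hits.push({ name, version: info.version, via });
    walkV1(info.dependencies, [...trail, name], hits);
  }
}

// lock: the parsed contents of package-lock.json. Returns one hit per install.
function findMalicious(lock) {
  const hits = [];
  if (lock.packages) {
    for (const [key, info] of Object.entries(lock.packages)) {
      // v2/v3 entries carry "name" when it differs from the folder (npm aliases).
      const name = info.name || nameFromKey(key);
      if (MALICIOUS.has(name)) hits.push({ name, version: info.version, via: key });
    }
  } else {
    walkV1(lock.dependencies, [], hits);
  }
  return hits;
}

// Constructed sample lockfile (v3): one transitive hit and one aliased hit.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-bot", version: "1.0.0" },
    "node_modules/node-telegram-bot-api": { version: "0.0.0-sample" }, // similar name, not listed
    "node_modules/helper/node_modules/node-telegram-utils": { version: "0.0.0-sample" },
    "node_modules/tg": { name: "node-telegram-util", version: "0.0.0-sample" },
  },
};
console.log(findMalicious(SAMPLE_LOCK));
```

Matching is exact on the package name, so similarly named packages that are not on the list are not flagged. The `via` field shows which dependency path brought the package in.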