Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Any good payload analysis been published yet? Really curious if this was just a one and done info stealer or if it potentially could have clawed its way deeper into affected systems.


This article[0] investigated the payload. It's a RAT, so it's capable of executing whatever shell commands it receives, instead of just stealing credentials.

[0]: https://safedep.io/axios-npm-supply-chain-compromise/




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: