StegaBin uses malicious npm packages to steal developer credentials through a hidden multi-stage payload
VPN Central [Unofficial]
March 3, 2026
A fresh software supply chain campaign is targeting developers through npm packages that appear harmless at first glance. Security reporting published around March 2 and March 3 says the operation, now being tracked as “StegaBin,” involved 26 malicious npm packages that used install-time scripts, hidden Pastebin data, and Vercel-hosted infrastructure to deploy a credential stealer […]