{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreifgh2lzwbx7xtjogimiqjpqhxeycxl4olxpglizekouepf32oaq2m",
    "uri": "at://did:plc:gapzbf5nl5wxaqkqoecaeawh/app.bsky.feed.post/3mhpxi3kuqf72"
  },
  "path": "/two-malicious-npm-packages-aim-to-steal-credentials-and-other-secrets/",
  "publishedAt": "2026-03-23T07:38:31.000Z",
  "site": "https://devops.com",
  "tags": [
    "Blogs",
    "Business of DevOps",
    "CI/CD",
    "DevOps and Open Technologies",
    "Features",
    "News",
    "Social - Facebook",
    "Social - LinkedIn",
    "Social - X",
    "Sonatype Microsite",
    "API Keys",
    "CI/CD pipelines",
    "credential theft",
    "Data Exfiltration",
    "exposed secrets",
    "GitHub repositories",
    "maintainer account",
    "malicious npm packages",
    "sonatype"
  ],
  "textContent": "Bad actors took over an npm maintainer account and published two malicious packages designed to steal credentials, API keys, and other secrets from the computers of victims who download them from the repository. Analysts with Sonatype’s Security Research Team wrote in a report that the two packages – sbx-mask and touch-adv – likely are […]",
  "title": "Two Malicious npm Packages Aim to Steal Credentials and Other Secrets"
}