Researchers have discovered 60 malicious npm packages in the package registry designed to gather hostnames, IP addresses, DNS servers, and user directories to a Discord endpoint. The security firm Socket identified the accounts through which these packages were published. The information harvested from these packages is believed to assist threat actors in identifying high-value targets for future campaigns. Simultaneously, some other malicious npm packages disguised as helper libraries for various JavaScript frameworks are available for download despite having destructive payloads.
MedCity Pivot Podcast: Clinical Documentation Improvement With Smarter Technologies
[Sponsored] Smarter Technologies CEO Jeremy Delinsky explains how the company’s AI infrastructure can help support health system’s clinical documentation improvement efforts, ultimately strengthening RCM. The
