ShellCodeX
ShellCodeX Intelligence Brief
HIGH Cybersecurity

Hijacked npm and Go packages use VS Code tasks to deliver Python infostealer

Source headline: Hijacked npm and Go Packages Use VS Code Tasks to Deploy Python Infostealer

Threat level: High
Signal strength: 78/100
Source confidence: 1 source
Published: 4 hours ago

Intelligence Summary

JFrog reports a campaign that abuses hijacked npm packages alongside malicious Go components to deliver a Python-based information stealer that runs on Windows, Linux, and macOS. Payload deployment is orchestrated through VS Code task mechanisms, which reduces reliance on common npm execution paths and may help the malware remain compatible with newer npm security hardening. Users should review their npm dependencies for unexpected behavior and tighten controls around package provenance and execution.

Recommended Action

Review affected assets, schedule urgent remediation, and monitor related indicators.
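
One way to start that review, added here as an illustration and not taken from the JFrog or The Hacker News reporting: walk a source tree and list every VS Code task configured with `runOptions.runOn` set to `folderOpen`. That the campaign relies on this auto-run option is an assumption, since the brief does not say which task mechanism is used; the sample `tasks.json` and the `example-pkg` path are constructed.

```python
import json, os, re, tempfile
_STR = r'"(?:\\.|[^"\\])*"'  # a JSON string, so "//" inside a URL is left alone
_keep = lambda m: m.group(0) if m.group(0)[0] == '"' else ""

def load_jsonc(text):
    """Parse tasks.json, which VS Code lets contain comments and trailing commas."""
    text = re.sub(_STR + r"|//[^\n]*|/\*.*?\*/", _keep, text, flags=re.S)
    text = re.sub(_STR + r"|,(?=\s*[}\]])", _keep, text)
    return json.loads(text)

def autorun_tasks(root):
    """Return (path, label, command) for each task set to run when the folder opens."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        if os.path.basename(dirpath) != ".vscode" or "tasks.json" not in files:
            continue
        path = os.path.join(dirpath, "tasks.json")
        try:
            with open(path, encoding="utf-8") as fh:
                doc = load_jsonc(fh.read())
        except (OSError, ValueError):
            hits.append((path, "<unparseable>", ""))  # surface it for manual review
            continue
        tasks = doc.get("tasks", []) if isinstance(doc, dict) else []
        for task in (t for t in tasks if isinstance(t, dict)):
            opts, args = task.get("runOptions"), task.get("args")
            if isinstance(opts, dict) and opts.get("runOn") == "folderOpen":
                parts = [task.get("command", "")] + (args if isinstance(args, list) else [])
                hits.append((path, task.get("label", ""), " ".join(map(str, parts)).strip()))
    return hits

# Constructed sample, not taken from the campaign: one ordinary task, one auto-run task.
SAMPLE = """{
  // comments and trailing commas are legal in tasks.json
  "version": "2.0.0", "tasks": [
    {"label": "build", "type": "shell", "command": "npm run build"},
    {"label": "prepare", "type": "shell", "command": "python3", "args": ["helper.py"],
     "runOptions": {"runOn": "folderOpen"},},
  ]
}"""

def demo():
    with tempfile.TemporaryDirectory() as root:
        vsdir = os.path.join(root, "node_modules", "example-pkg", ".vscode")  # hypothetical
        os.makedirs(vsdir)
        with open(os.path.join(vsdir, "tasks.json"), "w", encoding="utf-8") as fh:
            fh.write(SAMPLE)
        return [(label, cmd) for _path, label, cmd in autorun_tasks(root)]

if __name__ == "__main__": print(demo())
```

A hit is a prompt for review, not a verdict: auto-run tasks also have legitimate uses, so judge each by the command it runs and where the file came from.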

Topics

#supply-chain #malware #npm #infostealer #vs-code
Original reporting: The Hacker News, "Hijacked npm and Go Packages Use VS Code Tasks to Deploy Python Infostealer"