New Ransomware Strain Discovered Lurking in Open-Source Packages
Unlike most open-source attacks, the payload is not executed upon installation, but only when the infected function is called, allowing the threat actor to remain undetected by many security scanners. ... Our Typosquatting and StarJacking engines alerted us to suspicious packages published by NPM user account “randomusernamelol” and PyPI user accounts “cia.gov” and “cookiedid911”, which we swiftly reported to PyPI and NPM as we continued to deep dive and analyze the malware.

Malware: OskiStealer

[View Article](https://medium.com/checkmarx-security/new-ransomware-strain-discovered-lurking-in-open-source-packages-b653efaddcb6)