WHAT ARE YOU LOOKING FOR?

NPM package caught using QR Code to fetch cookie-stealing malware

Roger Wilco Vulnerabilities 23 septembre 2025 Affichages : 96

Newly discovered npm package 'fezbox' employs QR codes to hide a second-stage payload to steal cookies from a user's web browser. The package, masquerading as a utility library, leverages this innovative steganographic technique to harvest sensitive data, such as user credentials, from a compromised machine. [...]

Pensée du jour :

Ce que l'homme a fait ,

l'homme peut le défaire.

"No secure path in the world"

WHAT ARE YOU LOOKING FOR?

NPM package caught using QR Code to fetch cookie-stealing malware

Follow us on

Most popular

AA22-117A: 2021 Top Routinely Exploited Vulnerabilities

AA19-122A: New Exploits for Unsecure SAP Systems

Bugtraq: Cisco Unified Contact Center Express Privilege Escalation Vulnerability (CVE-2019-1888)

Vuln: Jenkins Credentials Binding Plugin CVE-2019-1010241 Information Disclosure Vulnerability

Bugtraq: Web Application Firewall bypass via Bluecoat device

Vuln: Qualcomm Components CVE-2019-2307 Integer Underflow Vulnerability

Category

Popular Sections

About