News
AsyncAPI npm packages infected with credential-stealing malware
Five malicious versions of AsyncAPI packages were published to the Node Package Manager (npm) in a supply-chain attack that delivered a remote access trojan with info-stealing capabilities. [...]
By SWI Community TeamJul 16, 2026
Five malicious versions of AsyncAPI packages were published to the Node Package Manager (npm) in a supply-chain attack that delivered a remote access trojan with info-stealing capabilities. [...]
Source: bleepingcomputer.com
Independent analysis. No vendor sponsorship.