Piece of news of the day
ADVANCED SECURITY EUROPA EOOD
Unveiled: The Inside Story of a Malicious npm Package's GitHub Data Theft
29 May 2026
A malicious npm package, mouse5212-super-formatter, was discovered leaking its hardcoded GitHub token, allowing researchers to witness data theft in real time.
The package acted as an infostealer, uploading victim files to a repository controlled by the attacker.
Despite being downloaded 676 times, it has since been removed from npm.
The malware disguised itself as a sync utility, authenticating to GitHub and uploading files.
The flaw was the hardcoded token, which revealed the operator's identity.
OX Security highlighted this as an example of sloppy, AI-generated malware by inexperienced threat actors.
They advise revoking GitHub tokens and treating files in the affected directory as compromised.

