Cybersecurity

Malicious npm Package Uses Hidden Prompt and Script to Evade AI Security Tools

22661072
Malicious npm package mimics an ESLint plugin, embeds an AI-tricking prompt, and steals environment variables via a post-install script.
More info
thehackernews.com - Cybersecurity