Cybersecurity

Compromised AsyncAPI npm Packages Deliver Multi-Stage Botnet Malware

22750783
Four compromised AsyncAPI npm packages load a multi-stage botnet from IPFS after attackers abuse GitHub Actions, despite valid provenance attestations