1. Home

Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

  • Posted on February 23, 2026
  • By The Hacker News
  • 7 Views
Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens

19 npm packages spread SANDWORM_MODE worm, stealing tokens, crypto keys, CI secrets, and AI API keys via MCP injection
continue reading...

Author
The Hacker News

You May Also Like