Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems – Go Health Pro
Apr 19, 2025Ravie LakshmananLinux / Malware Cybersecurity researchers have uncovered three malicious packages in the npm registry that masquerade as a popular Telegram bot library but harbor SSH backdoors and data exfiltration capabilities. The packages in question are listed below – According to supply chain security firm Socket, the packages are designed to mimic node-telegram-bot-api, … Read more