Pretend npm utilities remotely delete whole app directories – Model Slux
Malicious npm packages posing as respectable utility utilities create damaging backdoor endpoints that allow distant deletion of app directories, Socket reported Thursday.The packages — express-api-sync and system-health-sync-api — have been printed by npm person botsailer on June 3, 2025, and have since been eliminated by npm attributable to malicious code.Specific-api-sync presupposed to function a easy … Read more
