Keep your eyes on these SECURITY articles! npm packages caught exfiltrating Kubernetes config, SSH keys

released on 2023-09-20 @ 02:23:51 PM

Sonatype tracks an ongoing campaign that uses npm packages to retrieve and exfiltrate Kubernetes configuration and SSH keys to an external server

VERY IMPORTANT