• Chrome On Windows Account Recovery Tool Caught Stealing Passwords

    12 days ago - By Android Headlines

    Code published to Node Package Manager has been caught stealing passwords from legitimate account recovery tools in Chrome on Windows. That's based on recent reports , detailing the malicious code, which was found in two packages in the NPM repository.
    For clarity, npm is the default package manager for the JavaScript runtime environment Node.js. That's built on Chrome's V8 JavaScript engine and is similar to GitHub or PyPI. In effect acting as a part of the software supply chain managing JavaScript packages. Hosting up to 1.5 million unique packages and managing more than 1 billion...
    Read more ...