CursedGrabber malware

Pierluigi Paganini November 23, 2020
Massive threat campaign strikes open-source repos, Sonatype spots new CursedGrabber malware

Sonatype’s deep dive research allowed to identify a new family of Discord malware called CursedGrabber. Sonatype has discovered more malware in the npm registry which, following our analysis and multiple cyber threat intelligence reports, has led to the discovery of a novel and large scale malware campaign leveraging the open-source ecosystem. The malware called “xpc.js” […]