NPM attack targets Zapier and security tool browser extensions(opensourcemalware.com)
opensourcemalware.com
NPM attack targets Zapier and security tool browser extensions
https://opensourcemalware.com/blog/mastra-npm-malware
https://opensourcemalware.com/blog/mastra-npm-malware
- Credential managers and MFA authenticators from LastPass, Bitwarden, 1Password, Deloitte, Dashlane, ExpressVPN, KeePass, Proton, Kaspersky, passbolt, NordPass, Zoho, etc. - Zapier browser extension. Assuming this is to gain access to platforms the victim has integrated with Zapier