Malicious npm package downloaded 2,001 times hides payload via Unicode and Google Calendar links.

The Tidyverse Blog offers insights, tutorials, and updates on the Tidyverse, a collection of R packages for data science and statistical computing. Covering topics such as data manipulation, visualization, and analysis, the blog provides resources for R developers looking to leverage the power of the Tidyverse for their data projects. Developers can learn how to use Tidyverse packages effectively to clean, transform, and analyze data in R.

The Hacker News

A malicious npm package, 'os-info-checker-es6,' masquerading as an OS utility, uses Unicode-based steganography and Google Calendar to stealthily deliver a payload to compromised systems. The package employs Google's service as a dead drop to obscure its C2 infrastructure, demonstrating a sophisticated attack tactic. Although the campaign seems inactive or still in development, it's a significant threat within the npm ecosystem. The disclosure highlights the need for enhanced detection of malicious open-source packages through behavioral analysis and validation techniques.

Malicious npm Package Leverages Unicode Steganography, Google Calendar as C2 Dropper