Malicious npm Package Attacks Linux Developers to Install SSH Backdoors
Introduction

A concerning new type of supply chain attack has emerged, targeting Linux developers working with the Telegram bot ecosystem. Discovered in early 2025, multiple malicious npm packages disguised themselves as legitimate Telegram bot libraries to provide SSH backdoors and steal sensitive data from unsuspecting developers. These domain-squatted packages accumulated approximately 300 downloads over several …