Attackers have poisoned a code package on the npm registry in a novel way, hiding credential-stealing malware in steganographic QR codes embedded in a package purporting to offer a JavaScript utility.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback