Bleeping Computer

Malicious NPM libraries install ransomware, password stealer

Malicious NPM packages pretending to be Roblox libraries are delivering ransomware and password-stealing trojans on unsuspecting users. After the malicious NPM libraries are added to a project and ...
Hosted on MSN

Roblox devs under attack by new malicious npm campaign

Cybercriminals were, once again, spotted impersonating legitimate businesses, as they try to steal valuables from software developers. This time around, researchers from Checkmarx saw fake Roblox npm ...
TechRadar

Those Roblox npm downloads could be infected with malware

Cybersecurity researchers have once again found (and eradicated) malicious npm packages, this time delivering ransomware and password-stealing trojans on unsuspecting users. Pretending to be Roblox ...
Dark Reading

Evolving npm Package Campaign Targets Roblox Devs, for Years

Attackers for at least a year have been using malicious Node Package Manager (npm) packages that mimic the popular "noblox.js" library to target Roblox game developers with malware that steals Discord ...
Dark Reading

Luna Grabber Malware Targets Roblox Gaming Devs

Since the start of this month, researchers at ReversingLabs have found a host of malicious, multistage packages on the npm public repository that implant an open source, information-stealing malware ...