Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems

April 19, 2025 invoker category_news

Security Update News

Update Information

Title Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems
Update ID THN:139C23C513CE516392F36203890D9DCE
Type thn
Published 2025-04-19T15:11:00
Last Updated 2025-04-19T15:13:45

Security Impact

CVSS Score 0.0
Severity NONE
Attack Vector

Affected CVEs

Update Details

Cybersecurity researchers have uncovered three malicious packages in the npm registry that masquerade as a popular Telegram bot library but harbor SSH backdoors and data exfiltration capabilities. The packages in question are listed below -…

View Advisory Details

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.