Malicious npm Package Uses Hidden Prompt and Script to Evade AI Security Tools

Written by

The Hacker NewsCybersecurity researchers have disclosed details of an npm package that attempts to influence artificial intelligence (AI)-driven security scanners.
The package in question is eslint-plugin-unicorn-ts-2, which masquerades as a TypeScript extension of the popular ESLint plugin. It was uploaded to the registry by a user named “hamburgerisland” in February 2024. The package has been downloadedRead More

Malicious npm Package Uses Hidden Prompt and Script to Evade AI Security Tools

Comments

Leave a Reply Cancel reply

More posts

North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT

ClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocket

Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement

Pentagon Designates Anthropic Supply Chain Risk Over AI Military Dispute