Malware has been discovered hidden in two popular libraries for NPM, the JavaScript package manager.
The two libraries — Coa and RC — each contained the password-stealing malware DanaBot. This malware is suspected to have been snuck into these libraries through unauthorized usage of the developers' accounts. Combined, Coa and RC have cumulative weekly downloads of 22 million.
Regardless of which malware variant is used, or how it's delivered, cyberthreats like DanaBot can be identified and blocked based on the malicious behaviors they exhibit. Acronis Cyber Protect uses advanced behavioral detection, powered by machine intelligence, to prevent malicious software from executing — keeping your critical data safe.