148 npm Packages Disguised as Student Proxies Turned Browsers Into a DDoS Botnet

Article summary
Quick briefing — cleaned from the original RSS feed
A campaign of 148 npm packages disguised as student web proxies turned visitors' browsers into a distributed denial-of-service botnet for roughly two weeks in May, according to new research from JFrog. The packages did not go after the developers who might install them. The operators used the registry as free hosting for a booby-trapped proxy site and let the students who came to dodge
1Key Takeaways
- A campaign of 148 npm packages disguised as student web proxies turned visitors' browsers into a distributed denial-of-service botnet for roughly two weeks in May, according to new research from JFrog.
- The packages did not go after the developers who might install them.
- The operators used the registry as free hosting for a booby-trapped proxy site and let the students who came to dodge.
2AIWedia Score
8.4/10
High relevance — worth your attention today
Based on source trust, recency, category impact, and story depth.
3Why it matters
Tool launches and updates shape which workflows teams adopt and which vendors gain traction. The Hacker News reports that a campaign of 148 npm packages disguised as student web proxies turned visitors' browsers into a distributed denial-of-service botnet for roughly two weeks in May, according to new research from JFrog.
Explore related
Browse toolsRelated tools
AI Tools news
Explore curated ai tools tools on AIWedia — compare, rank, and launch from our directory.
Full story on The Hacker News
Read full articleHeadlines aggregated via RSS for discovery on AIWedia. Original content © The Hacker News. We link to the source and do not republish full articles.
