Lazarus Group concealed a four-module remote access toolkit inside six fake npm Rollup polyfill packages that fired at import ...
LayerX found that BioShocking could trick AI browsers into leaking credentials by disguising malicious prompts as game rules.