In this episode, we break down the recent compromise of the rand-user-agent NPM package—an attack that quietly turned a once-trusted JavaScript library into a delivery mechanism for a Remote Access Trojan (RAT). The attacker exploited the package’s deprecated but still-popular status, publishing malicious versions that never appeared in the GitHub repo.We discuss how the threat actor used obfuscated code, off-screen whitespace tricks, and a Windows-specific PATH hijack to hide their RAT, which established a command-and-control (C2) channel capable of remote shell access, file uploads, and command execution. You’ll also hear how this incident fits into broader trends of CI/CD pipeline poisoning and software supply chain attacks—and what developers, security teams, and enterprises should do to avoid being the next target.
No persons identified in this episode.
This episode hasn't been transcribed yet
Help us prioritize this episode for transcription by upvoting it.
Popular episodes get transcribed faster
Other recent transcribed episodes
Transcribed and ready to explore now
3ª PARTE | 17 DIC 2025 | EL PARTIDAZO DE COPE
01 Jan 1970
El Partidazo de COPE
13:00H | 21 DIC 2025 | Fin de Semana
01 Jan 1970
Fin de Semana
12:00H | 21 DIC 2025 | Fin de Semana
01 Jan 1970
Fin de Semana
10:00H | 21 DIC 2025 | Fin de Semana
01 Jan 1970
Fin de Semana
13:00H | 20 DIC 2025 | Fin de Semana
01 Jan 1970
Fin de Semana
12:00H | 20 DIC 2025 | Fin de Semana
01 Jan 1970
Fin de Semana