Hackers' Pub

Syntax	Description	Examples
`"` keyword `"`	Finds the string within quotes, including spaces. Case-insensitive. (Escape quotes inside with `\"`)	`"Hackers' Pub"`
`from:` handle	Finds content written by the specified user.	`from:hongminhee` `from:hongminhee@hollo.social`
`lang:` ISO 639-1	Finds content written in the specified language.	`lang:en`
`#` tag	Finds content with the specified tag. Case-insensitive.	`#HackersPub`
condition condition	Finds content that satisfies both conditions on either side of the space (logical AND).	`"Hackers' Pub" lang:en`
condition `OR` condition	Finds content that satisfies at least one of the conditions on either side of the OR operator (logical OR).	`#HackersPub OR "Hackers' Pub" lang:en`
`(` condition `)`	Combines the operators within the parentheses first.	`(#HackersPub OR "Hackers' Pub" OR "Hackers Pub") lang:en`

ottoto @ottoto2017@prattohome.com

4/20/2025, 4:50:22 AM

Public

「不正なnpmパッケージがTelegramボットAPIを模倣し、LinuxシステムにSSHバックドアを仕掛ける」： The Hacker News

「サイバーセキュリティ研究者は、npm レジストリで、人気の Telegram ボットライブラリを装いながら SSH バックドアとデータ窃盗機能を備えた 3 つの悪意のあるパッケージを発見しました。

問題となっているパッケージは以下のとおりです。

node-telegram-utils (ダウンロード数 132)
node-telegram-bots-api (ダウンロード数 82)
node-telegram-util (ダウンロード数 73)

」

https://thehackernews.com/2025/04/rogue-npm-packages-mimic-telegram-bot.html

#prattohome #TheHackerNews

Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems

3 fake npm packages mimicking Telegram Bot API added SSH backdoors on Linux, risking persistent access.

thehackernews.com · The Hacker News

If you have a fediverse account, you can quote this note from your own instance. Search https://prattohome.com/users/ottoto2017/statuses/114368487269128560 on your instance and quote it. (Note that quoting is not supported in Mastodon.)