Threat actors published five malicious npm packages (node-dlls, ro.dll, autoadv, and two versions of rolimons-api) impersonating legitimate Roblox developer modules, which are designed to steal credentials and personal data, were downloaded over 320 times before removal.  The attack leveraged typosquatting, supply chain compromise, and readily available malware to bypass security measures, which underscores the vulnerability … Continue reading Beware: Roblox Devs Targeted by Malicious npm Packages