Cybersecurity researchers have discovered a malicious npm package that comes with stealthy features to inject malicious code into desktop apps for cryptocurrency wallets like Atomic and Exodus on Windows systems. The package, named nodejs-smtp, impersonates the legitimate email library nodemailer with an identical tagline, page styling, and README descriptions, attracting a total of 347
![]()
source https://thehackernews.com/2025/09/malicious-npm-package-nodejs-smtp.html
source https://thehackernews.com/2025/09/malicious-npm-package-nodejs-smtp.html