The campaign spans npm, Packagist, Go, and Chrome, using obfuscated JavaScript loaders and VS Code tasks to deliver malware.
At the center of the scheme is a hacking platform called Kali365. Unlike traditional phishing attacks that rely on stealing credentials, Kali365 targets OAuth device ...