pino-sdk-v2
pino-sdk-v2 is identified in the SafeDep analysis "Malicious npm Package pino-sdk-v2 Exfiltrates Secrets to Discord". >
discovered 2026-03-06
Threat types
credential_stealerdata_exfiltrationtyposquat
Malicious versions
- 9.9.0
Campaigns
Indicators
Techniques
- ttpT1195.001 Supply Chain Compromise: Compromise Software Dependencies and Development Toolsuses
- ttpT1059.007 Command and Scripting Interpreter: JavaScriptuses
- ttpT1036 Masquerading: package impersonation and typosquattinguses
- ttpT1552.001 Unsecured Credentials: Credentials In Filesuses
- ttpT1041 Exfiltration Over C2 Channeluses
- ttpT1528 Steal Application Access Tokenuses
- ttpT1071.001 Application Layer Protocol: Web Protocolsuses
- ttpT1102 Web Serviceuses
