New Blog: Mini Shai-Hulud "Miasma" Hits @redhat-cloud-services: 32 Packages at Risk
Edit Calendar Icon 1 Jun 2026
SafeDep Logo

fucktestpad npm Malware

discovered 2026-04-16
JSON CSV

npm packages from a single operator delivering Windows RATs and browser cookie/credential stealers. Every variant exfiltrates to fucktestpad@opemails.com, linking the packages to one actor.

Objective

Deploy RATs and steal browser cookies and credentials from developer machines.

Packages

Indicators

Techniques

Read the full analysis →