malware npm

@wame/ngx-adfs

discovered 2026-03-24

@wame/ngx-adfs is identified in the SafeDep analysis "sl4x0 Dependency Confusion: 92 Packages Target Fortune 500". A sustained dependency confusion campaign by the sl4x0 actor likely targets 20+ organizations including Adobe, Ford, Sony, and Coca-Cola with 92+ malicious npm packages exfiltrating developer data via DNS.

more…

Threat types

credential_stealer data_exfiltration rat persistence dependency_confusion

Malicious versions

999.999.999

Campaigns

Enterprise Dependency Confusionattributed-to

Techniques

ttp T1195.001 Supply Chain Compromise: Compromise Software Dependencies and Development Toolsuses
ttp T1059.007 Command and Scripting Interpreter: JavaScriptuses
ttp T1036 Masqueradinguses
ttp T1552.001 Unsecured Credentials: Credentials In Filesuses
ttp T1041 Exfiltration Over C2 Channeluses
ttp T1105 Ingress Tool Transferuses
ttp T1071.001 Application Layer Protocol: Web Protocolsuses
ttp T1546 Event Triggered Executionuses

Read the full analysis →