Malicious NPM package uses Unicode steganography to evade detection
From BleepingComputer to All on Thu May 15 10:36:33 2025
A malicious package in the Node Package Manager index uses invisible Unicode characters to hide malicious code and Google Calendar links to host the URL for the command-and-control location. [...]