According to Mars Finance, SlowMist has detected a supply chain attack on the Apifox desktop client, injecting highly obfuscated malicious JavaScript code into its official CDN-hosted front-end script files. Affected users may face risks such as credential theft, sensitive data leakage, and remote command execution. The malicious code is automated and highly stealthy. SlowMist recommends users immediately revoke all tokens, reset passwords, log out and log back in to invalidate sessions, block the *.apifox.it.com domain, clear local storage, and review API logs and unusual activity.
Apifox desktop client suffers supply chain attack; malicious code can steal credentials and execute commands remotely.
This article is machine translated
Show original
Source
Disclaimer: The content above is only the author's opinion which does not represent any position of Followin, and is not intended as, and shall not be understood or construed as, investment advice from Followin.
Like
Add to Favorites
Comments
Share
Relevant content
