PANews
PANews|3月 26, 2026 05:10
[SlowMist: Apifox Desktop Client Hit by Supply Chain Attack, Malicious Code Can Steal Credentials and Execute Commands Remotely] According to monitoring by SlowMist, the Apifox desktop client has suffered a supply chain attack, with highly obfuscated malicious JavaScript code injected into the front-end script files hosted on its official CDN. Affected users may face risks such as credential theft, sensitive data leakage, and remote command execution, with the malicious code executing automatically and being highly covert. SlowMist recommends users immediately revoke all tokens, reset passwords, log out and log back in to invalidate sessions, block the *.apifox.(it.com) domain, clear local storage, and review API logs and abnormal activities.
Mentioned
Share To

Timeline

HotFlash

APP

X

Telegram

Facebook

Reddit

CopyLink

Hot Reads