Fake Roblox Packages Target NPM With Luna Grabber Information-Stealing Malware

Researchers at ReversingLabs have discovered a malicious campaign targeting Roblox developers on the npm public repository. The campaign involves malicious packages that imitate the legitimate package noblox.js, a Node.js Roblox API wrapper.