Apifox desktop client suffers from a supply chain attack, malicious code can steal credentials and execute commands remotely

According to Slow Fog monitoring, the Apifox desktop client has encountered a supply chain attack, with front-end script files hosted on its official CDN being injected with highly obfuscated malicious JavaScript code.

Affected users may face risks such as credential theft, sensitive data leakage, and remote command execution, with the malicious code executing automatically and being highly concealed. Slow Fog recommends that users immediately revoke all Tokens, reset passwords, log out and log back in to invalidate sessions, block the *.apifox.it.com domain, clear local storage, and review API logs and abnormal activities.