NPM Bug Allowed Attackers to Distribute Malware as Legitimate Packages

Written By Auto Tech Tuesday, 26 April 2022 Add Comment

April 27, 2022 at 10:27AM

A "logical flaw" has been disclosed in NPM, the default package manager for the Node.js JavaScript runtime environment, that enables malicious actors to pass off rogue libraries as legitimate and trick unsuspecting developers into installing them. The supply chain threat has been dubbed "Package Planting" by researchers from cloud security firm Aqua. Following responsible disclosure on February

from The Hacker News https://ift.tt/BKUMNCF

New MassJacker Malware Targets Piracy Users, Hijacking Cryptocurrency Transactions
OBSCURE#BAT Malware Uses Fake CAPTCHA Pages to Deploy Rootkit r77 and Evade Detection
GitHub Uncovers New ruby-saml Vulnerabilities Allowing Account Takeover Attacks

{ads}

NPM Bug Allowed Attackers to Distribute Malware as Legitimate Packages

Related

0 Response to "NPM Bug Allowed Attackers to Distribute Malware as Legitimate Packages"

Post a Comment

Article Top Ads

Central Ads Article 1

Middle Ads Article 2

Article Bottom Ads

{ads}

NPM Bug Allowed Attackers to Distribute Malware as Legitimate Packages

Related

Related Posts

0 Response to "NPM Bug Allowed Attackers to Distribute Malware as Legitimate Packages"

Post a Comment

Article Top Ads

Central Ads Article 1

Middle Ads Article 2

Article Bottom Ads