NPM Bug Allowed Attackers to Distribute Malware as Legitimate Packages

Written By Auto Tech Tuesday, 26 April 2022 Add Comment

April 27, 2022 at 10:27AM

A "logical flaw" has been disclosed in NPM, the default package manager for the Node.js JavaScript runtime environment, that enables malicious actors to pass off rogue libraries as legitimate and trick unsuspecting developers into installing them. The supply chain threat has been dubbed "Package Planting" by researchers from cloud security firm Aqua. Following responsible disclosure on February

from The Hacker News https://ift.tt/BKUMNCF

Cybercriminals Exploit CSS to Evade Spam Filters and Track Email Users' Actions
SANS Institute Warns of Novel Cloud-Native Ransomware Attacks
GitHub Action Compromise Puts CI/CD Secrets at Risk in Over 23,000 Repositories

{ads}

NPM Bug Allowed Attackers to Distribute Malware as Legitimate Packages

Related

0 Response to "NPM Bug Allowed Attackers to Distribute Malware as Legitimate Packages"

Post a Comment

Article Top Ads

Central Ads Article 1

Middle Ads Article 2

Article Bottom Ads

{ads}

NPM Bug Allowed Attackers to Distribute Malware as Legitimate Packages

Related

Related Posts

0 Response to "NPM Bug Allowed Attackers to Distribute Malware as Legitimate Packages"

Post a Comment

Article Top Ads

Central Ads Article 1

Middle Ads Article 2

Article Bottom Ads