NPM Bug Allowed Attackers to Distribute Malware as Legitimate Packages
Tuesday, 26 April 2022
Add Comment

A "logical flaw" has been disclosed in NPM, the default package manager for the Node.js JavaScript runtime environment, that enables malicious actors to pass off rogue libraries as legitimate and trick unsuspecting developers into installing them. The supply chain threat has been dubbed "Package Planting" by researchers from cloud security firm Aqua. Following responsible disclosure on February
from The Hacker News https://ift.tt/BKUMNCF
Related
Genrerating Link.... 15 seconds.
Your Link is Ready.
0 Response to "NPM Bug Allowed Attackers to Distribute Malware as Legitimate Packages"
Post a Comment