Node.js Users Beware: Manifest Confusion Attack Opens Door to Malware

Written By Auto Tech Wednesday, 5 July 2023 Add Comment

July 05, 2023 at 02:30PM

The npm registry for the Node.js JavaScript runtime environment is susceptible to what's called a manifest confusion attack that could potentially allow threat actors to conceal malware in project dependencies or perform arbitrary script execution during installation. "A npm package's manifest is published independently from its tarball," Darcy Clarke, a former GitHub and npm engineering manager

from The Hacker News https://ift.tt/1nXZyGf

Microsoft Warns of StilachiRAT: A Stealthy RAT Targeting Credentials and Crypto Wallets
Apache Tomcat Vulnerability Actively Exploited Just 30 Hours After Public Disclosure
Cybercriminals Exploit CSS to Evade Spam Filters and Track Email Users' Actions

{ads}

Node.js Users Beware: Manifest Confusion Attack Opens Door to Malware

Related

0 Response to "Node.js Users Beware: Manifest Confusion Attack Opens Door to Malware"

Post a Comment

Article Top Ads

Central Ads Article 1

Middle Ads Article 2

Article Bottom Ads

{ads}

Node.js Users Beware: Manifest Confusion Attack Opens Door to Malware

Related

Related Posts

0 Response to "Node.js Users Beware: Manifest Confusion Attack Opens Door to Malware"

Post a Comment

Article Top Ads

Central Ads Article 1

Middle Ads Article 2

Article Bottom Ads