Node.js Users Beware: Manifest Confusion Attack Opens Door to Malware

Written By Auto Tech Wednesday, 5 July 2023 Add Comment

July 05, 2023 at 02:30PM

The npm registry for the Node.js JavaScript runtime environment is susceptible to what's called a manifest confusion attack that could potentially allow threat actors to conceal malware in project dependencies or perform arbitrary script execution during installation. "A npm package's manifest is published independently from its tarball," Darcy Clarke, a former GitHub and npm engineering manager

from The Hacker News https://ift.tt/1nXZyGf

New MassJacker Malware Targets Piracy Users, Hijacking Cryptocurrency Transactions
OBSCURE#BAT Malware Uses Fake CAPTCHA Pages to Deploy Rootkit r77 and Evade Detection
GitHub Uncovers New ruby-saml Vulnerabilities Allowing Account Takeover Attacks

{ads}

Node.js Users Beware: Manifest Confusion Attack Opens Door to Malware

Related

0 Response to "Node.js Users Beware: Manifest Confusion Attack Opens Door to Malware"

Post a Comment

Article Top Ads

Central Ads Article 1

Middle Ads Article 2

Article Bottom Ads

{ads}

Node.js Users Beware: Manifest Confusion Attack Opens Door to Malware

Related

Related Posts

0 Response to "Node.js Users Beware: Manifest Confusion Attack Opens Door to Malware"

Post a Comment

Article Top Ads

Central Ads Article 1

Middle Ads Article 2

Article Bottom Ads