NPM Bug Allowed Attackers to Distribute Malware as Legitimate Packages

A “logical flaw” has been disclosed in NPM, the default package manager for the Node.js JavaScript runtime environment, that enables malicious actors to pass off rogue libraries as legitimate and trick unsuspecting developers into installing them.
The supply chain threat has been dubbed “Package…

Link: NPM Bug Allowed Attackers to Distribute Malware as Legitimate Packages
via thehackernews.com

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: