Head Topics

Light shone on typo-squatting NPM supply chain attack

Deutschland Nachrichten Nachrichten

Light shone on typo-squatting NPM supply chain attack
Deutschland Neuesten Nachrichten,Deutschland Schlagzeilen
  • 📰 TheRegister
  • ⏱ Reading Time:
  • 37 sec. here
  • 2 min. at publisher
  • 📊 Quality Score:
  • News: 18%
  • Publisher: 61%

Typo-squatting NPM software supply chain attack uncovered

Combined with typo-squatting, bad actors have attempted to cover up the malicious code lurking within packages using an obfuscator. The JavaScript Obfuscator tool is designed to protect code from reverse engineering and tampering. Miscreants have taken to using it to disguise JavaScript with more nefarious purposes. As such, engineers have taken its use as an indicator that a package might merit a closer look.asked the package slinger and its parent, GitHub, what could be done about the attack.

As with all too many attacks, it appears to depend on users not being totally clear on what they are downloading. In its blog post on the matter, ReversingLabs noted that:"The decentralized and modular nature of application development means that applications and services are only as strong as their least secure component.

"The success of this attack – with more than two dozen malicious modules available for download on a popular package repository, and one of them with 17,000 downloads in a matter of weeks – underscores the freewheeling nature of application development, and the low barriers to malicious or even vulnerable code entering sensitive applications and IT environments." ®

Wir haben diese Nachrichten zusammengefasst, damit Sie sie schnell lesen können. Wenn Sie sich für die Nachrichten interessieren, können Sie den vollständigen Text hier lesen. Weiterlesen:

TheRegister /  🏆 67. in UK

Deutschland Neuesten Nachrichten, Deutschland Schlagzeilen

Similar News:Sie können auch ähnliche Nachrichten wie diese lesen, die wir aus anderen Nachrichtenquellen gesammelt haben.

Kimbal Musk's new company buys Intel's light drone businessKimbal Musk's new company buys Intel's light drone businessYet another sign x86 giant has moved past Krzanich era to focus on core chip businesses
Weiterlesen »

Oil And Gas Stocks Provide A Glimmer Of Light In A Dark Market | OilPrice.comOil And Gas Stocks Provide A Glimmer Of Light In A Dark Market | OilPrice.comThough the market is reeling, oil and gas stocks are booming thanks to the rise in commodity prices fueled by the Ukraine war
Weiterlesen »

KNOG looks out for your bike with Scout, their new light weight bike alarm & tracking device!KNOG looks out for your bike with Scout, their new light weight bike alarm & tracking device!Knog, the Australian designer of bike accessory, releases the Scout, which is both a super loud bike alarm and highly accurate bike finder.
Weiterlesen »

Sheila Garvie: Glasgow author's book throws new light on 'Scotland's most salacious' murder trialSheila Garvie: Glasgow author's book throws new light on 'Scotland's most salacious' murder trialThe three versions of what happened are almost entirely contradictory 👀
Weiterlesen »

I’m a size 16 and picked up the perfect light trousers for summer from TescoI’m a size 16 and picked up the perfect light trousers for summer from TescoTOO thick, too tight or too loose. They’re just some of the issues people can have when searching for the perfect pair of summer trousers. But one woman claims to have found an absolute steal…
Weiterlesen »

Leeds church dating back to 1828 could become incredible six-bedroom home if plans given green lightLeeds church dating back to 1828 could become incredible six-bedroom home if plans given green lightA grade II listed church which dates back to 1828 could be transformed into an incredible six bedroom house if new plans are given the green light.
Weiterlesen »



Render Time: 2025-03-15 17:26:47