Light shone on typo-squatting NPM supply chain attack

  • 📰 TheRegister

Typo-squatting NPM software supply chain attack uncovered

Alongside the typo-squatting, bad actors have attempted to cover up the malicious code lurking within packages using an obfuscator. The JavaScript Obfuscator tool is designed to protect code from reverse engineering and tampering. Miscreants have taken to using it to disguise JavaScript with more nefarious purposes. As such, engineers have taken its use as an indicator that a package might merit a closer look. The Register asked the package slinger and its parent, GitHub, what could be done about the attack.
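The two signals described above, a name one typo away from a well-known package and obfuscator-style code, can be combined into a simple triage check. This is an added example, not code from ReversingLabs, NPM or The Register; the `POPULAR` list, the thresholds, the sample sources and all function names are assumptions, and the `_0x` pattern assumes the obfuscator's default hexadecimal identifier naming.

```javascript
// Added example: triage heuristics for npm packages (not ReversingLabs' or npm's code).
// POPULAR is a constructed sample; a real check would load a maintained list of top packages.
const POPULAR = ["lodash", "express", "react", "jquery", "axios"];

// Optimal-string-alignment distance: insert, delete, substitute or swap of
// two adjacent characters each cost 1, which covers the usual typo patterns.
function editDistance(a, b) {
  const d = Array.from({ length: a.length + 1 }, (_, i) => [i, ...Array(b.length).fill(0)]);
  for (let j = 0; j <= b.length; j++) d[0][j] = j;
  for (let i = 1; i <= a.length; i++) {
    for (let j = 1; j <= b.length; j++) {
      const cost = a[i - 1] === b[j - 1] ? 0 : 1;
      d[i][j] = Math.min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost);
      if (i > 1 && j > 1 && a[i - 1] === b[j - 2] && a[i - 2] === b[j - 1])
        d[i][j] = Math.min(d[i][j], d[i - 2][j - 2] + 1);
    }
  }
  return d[a.length][b.length];
}

// Returns the popular name that `name` imitates, or null. Separators are
// stripped first so "lo-dash" is compared as "lodash".
function lookalikeOf(name, popular = POPULAR) {
  if (popular.includes(name)) return null; // the genuine package itself
  const norm = (s) => s.toLowerCase().replace(/[-_.]/g, "");
  return popular.find((p) => editDistance(norm(name), norm(p)) <= 1) || null;
}

// Share of identifier-like tokens that look like _0x1a2b3c.
function hexIdentRatio(source) {
  const idents = source.match(/(?<![\w$])[A-Za-z_$][\w$]*/g) || [];
  const hex = idents.filter((t) => /^_0x[0-9a-f]{3,}$/i.test(t));
  return idents.length ? hex.length / idents.length : 0;
}

// Collects the reasons a package deserves manual review (empty array = none).
function triage(pkg) {
  const reasons = [];
  const target = lookalikeOf(pkg.name);
  if (target) reasons.push(`name resembles "${target}"`);
  if (hexIdentRatio(pkg.source) > 0.3) reasons.push("obfuscator-style identifiers");
  return reasons;
}

// Constructed sample inputs (not taken from any real package).
const SAMPLE_OBF = "var _0x4a1c=['log','data'];(function(_0x2b3d,_0x4f5e){_0x2b3d[_0x4f5e]();}(_0x4a1c,0x1));";
const SAMPLE_CLEAN = "const express = require('express'); const app = express(); app.listen(3000);";
console.log(triage({ name: "expres", source: SAMPLE_OBF }));
console.log(triage({ name: "express", source: SAMPLE_CLEAN }));
```

A hit is a prompt for manual review rather than a verdict: legitimate packages can have near-identical names or ship obfuscated code.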

As with all too many attacks, it appears to depend on users not being totally clear on what they are downloading. In its blog post on the matter, ReversingLabs noted that: "The decentralized and modular nature of application development means that applications and services are only as strong as their least secure component.

"The success of this attack – with more than two dozen malicious modules available for download on a popular package repository, and one of them with 17,000 downloads in a matter of weeks – underscores the freewheeling nature of application development, and the low barriers to malicious or even vulnerable code entering sensitive applications and IT environments." ®
