Malicious npm Packages Found Exfiltrating Sensitive Data from Developers,
Cybersecurity researchers have discovered a new bunch of malicious packages on the npm package registry that are designed to exfiltrate sensitive developer information.
Software supply chain firm Phylum, which first identified the « test » packages on July 31, 2023, said they « demonstrated increasing functionality and refinement, » hours after which they were removed and re-uploaded under different
Software supply chain firm Phylum, which first identified the « test » packages on July 31, 2023, said they « demonstrated increasing functionality and refinement, » hours after which they were removed and re-uploaded under different
,
Cybersecurity researchers have discovered a new bunch of malicious packages on the npm package registry that are designed to exfiltrate sensitive developer information.
Software supply chain firm Phylum, which first identified the « test » packages on July 31, 2023, said they « demonstrated increasing functionality and refinement, » hours after which they were removed and re-uploaded under different
Software supply chain firm Phylum, which first identified the « test » packages on July 31, 2023, said they « demonstrated increasing functionality and refinement, » hours after which they were removed and re-uploaded under different
, ,
https://thehackernews.com/2023/08/malicious-npm-packages-found.html