Get a Pentest and security assessment of your IT network.

News

The NPM package that walked away with all your passwords

Software developers are increasingly being targeted by supply chain attacks. NPM, node package manager, hosts almost 9M packages, which in turn consist of 1.7 billion files, or just under 37.5TB worth of data. Backdoors are particularly tricky to detect because of this because of the complexity of finding them can be difficult. Backdoored packages can be hidden away, surrounded by hundreds of others written by the original software authors. A password recovery tool used to refresh your memory when you forget a website credential is OK, but it being found in NPM repository, probably not OK.”]

Source: https://blog.secure.software/the-npm-package-that-walked-away-with-all-your-passwords

Related posts
News

Ashley Madison 2.0 Hackers Leak 20GB Data Dump, Including CEO's Emails

News

Art of Twitter account hacking

News

Take note, next week update Adobe Reader and Acrobat to fix critical flaws

News

Linux bug leaves 1.4 billion Android users vulnerable to hijacking attacks