Malicious Npm Packages

Tag

cyberattack

The NPM Registry API may be subject to a new timing attack that exposes private packages.

Srivani Reddy·October 14, 2022

Developers may be exposed to supply chain risks as a result of novel timing attacks uncovered against the registry API of the npm package…

Comment

General

Malicious Npm Packages Target Discord Users Once More

Srivani Reddy·July 30, 2022

A recent LofyLife campaign infects client files and obtains tokens to track user activity including logins, password changes, and payment methods. Researchers have discovered…

Comment