Quantcast
Channel: Greg Kushto | CSO Online
Viewing all articles
Browse latest Browse all 863

Beware malicious NPM packages, Checkmarx warns

$
0
0

Application testing company Checkmarx has warned developers to be on the lookout for malicious NPM packages, after discovering a new attack that employs typosquatting to impersonate two popular packages.

Part of a much larger campaign against NPM, in a new twist, the malicious package eschews traditional command & control (C2) by using the Ethereum blockchain to hold the addresses of its malicious payloads.

Continue reading on InfoWorld.


Viewing all articles
Browse latest Browse all 863

Trending Articles