npm registry attacked by secret-stealing worm
#3
Scary stuff. Supply chain attacks like this really show how exposed developers can be. Token leaks are no joke.
On a related note, I came across how some governments are centralizing access too, like Rajasthan in India with their SSO ID portal (https://sso-id.net/). Different field, but same idea: once access is compromised, everything’s at risk.
What do you all think is the best defense: tighter token scopes or better monitoring?
Messages In This Thread
RE: npm registry attacked by secret-stealing worm - by Anil Neevansh - 25 September 25, 12:18
