Geeks for your information Security Security Vendors Kaspersky Kaspersky Security Blog v
npm registry attacked by secret-stealing worm
npm registry attacked by secret-stealing worm
Anil Neevansh Offline
Junior Member
**
Posts: 1
Threads: 0
Thanks Received: 0 in 0 posts
Thanks Given: 0
Joined: 25 September 25
#3
25 September 25, 12:18
Scary stuff supply chain attacks like this really show how exposed developers can be. Token leaks are no joke.
On a related note, I came across how some governments are centralizing access too, like Rajasthan in India with their SSO ID portal (https://sso-id.net/). Different field, but same idea once access is compromised, everything’s at risk.
What do you all think is the best defense tighter token scopes or better monitoring?
Find
Reply


Messages In This Thread
RE: npm registry attacked by secret-stealing worm - by Anil Neevansh - 25 September 25, 12:18

Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
Wikipedia sees decline in human pageview...
Wikipedia has reve...harlan4096 — 11:30
Google announces end of many of its Priv...
When Google announ...harlan4096 — 11:29
Xubuntu's website was hacked to spread a...
Xubuntu's website ...harlan4096 — 07:19
EPIM PRO
NOTE Astonsoft ...jasonX — 18:32
PrivadoVPN - Secure Every Device with On...
PrivadoVPN - Secure ...jasonX — 17:45

[-]
Birthdays
Today's Birthdays
avatar (47)vikgoMam
Upcoming Birthdays
avatar (47)Michaelaceve
avatar (37)QuadirLigh
avatar (38)Mblippek
avatar (44)viecontAceve
avatar (40)Michaelcrini

[-]
Online Staff
There are no staff members currently online.

>