ReDoS vulnerabilities in npm spikes by 143% and XSS continues to grow
Source
SnykReDoS vulnerabilities in npm spikes by 143% and XSS continues to growsnyk.ioYou might also wanna read
NPM Vulnerability Allows 126 Malicious Packages to Be Downloaded 86,000+ Times
Security researchers have discovered a major vulnerability in NPM (Node Package Manager) that allows attackers to distribute malicious packa
arstechnica.com·8mo agoPopular npm packages debug and chalk compromised with crypto-intercepting malware
Starting September 8th, 2023, the popular npm packages "debug" and "chalk" were compromised with malicious code. These packages, which colle
aikido.dev·10mo agoPost-mortem Analysis of @ctrl/tinycolor npm Supply Chain Attack via GitHub Actions
A detailed post-mortem analysis of a supply chain attack on the @ctrl/tinycolor npm package. The attack occurred when a malicious GitHub Act
Security Researchers Discover Critical XSS Vulnerabilities in Mintlify Platform Affecting Major Tech Companies
A 16-year-old hacker and his friends discovered critical cross-site scripting vulnerabilities in Mintlify, an AI documentation platform used
Major NPM Supply Chain Attack: @ctrl/tinycolor and 40+ Packages Compromised with Self-Propagating Malware
A sophisticated supply chain attack has compromised the popular @ctrl/tinycolor NPM package (with over 2 million weekly downloads) along wit
npm's Security Measures Criticized as Insufficient Against AI-Generated Malware in JavaScript Ecosystem
The article criticizes npm's security measures, arguing that reactive solutions like 2FA cooldowns and account freezes are insufficient agai
undercodetesting.com·10d ago
Comments
Sign in to join the conversation.
No comments yet. Be the first.