Pulse of Truth

2347 readers

47 users here now

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

founded 2 years ago

MODERATORS

krogoth

Supply chain blast: Top npm package backdoored to drop dirty RAT on dev machines (www.theregister.com)

submitted 18 hours ago by lemmydev2 to c/pulse_of_truth

0 comments fedilink hide all child comments

Hijacked maintainer account let attackers slip cross-platform trojan into 100M-downloads-a-week Axios One of npm's most widely used HTTP client libraries briefly became a malware delivery vehicle after attackers hijacked a maintainer's account and slipped a remote-access trojan (RAT) into two seemingly legitimate axios releases, in what's being described as "one of the most impactful npm supply chain attacks on record."…

no comments (yet)

sorted by: hot top controversial new old

there doesn't seem to be anything here