No Festive Break for Security as Attackers Target Almost 300 NPM Packages
Our team detected an attack on npm packages that utilized typosquatting to compromise nearly 300 NPM packages.
Our team detected an attack on npm packages that utilized typosquatting to compromise nearly 300 NPM packages.
Over the past three days, the Mend research team identified two separate attacks that published malicious packages to npm: reverse remote shell as part of typosquatting attack on the popular ‘cors’ package, and an ATO attack on the “Just Eat” organization.