Geeks for your information Security Security Vendors Kaspersky Kaspersky Security Blog v
npm registry attacked by secret-stealing worm
npm registry attacked by secret-stealing worm
Anil Neevansh Offline
Junior Member
**
Posts: 1
Threads: 0
Thanks Received: 0 in 0 posts
Thanks Given: 0
Joined: 25 September 25
#3
25 September 25, 12:18
Scary stuff supply chain attacks like this really show how exposed developers can be. Token leaks are no joke.
On a related note, I came across how some governments are centralizing access too, like Rajasthan in India with their SSO ID portal (https://sso-id.net/). Different field, but same idea once access is compromised, everything’s at risk.
What do you all think is the best defense tighter token scopes or better monitoring?
Find
Reply


Messages In This Thread
RE: npm registry attacked by secret-stealing worm - by Anil Neevansh - 25 September 25, 12:18

Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
AnyDesk 8.0.3 for Linux
Version 8.0.3 for ...harlan4096 — 09:05
Google Chrome 149.0.7827.196/197
Google Chrome 149....harlan4096 — 09:04
System Restore Evolved: Windows 11 Point...
Imagine if a bad d...harlan4096 — 09:01
Avast 26.6.11050 & AVG 26.6.11050
Avast 26.6.11050 :...harlan4096 — 18:11
Mozilla Firefox Browser 152.0.2
Mozilla Firefox Br...harlan4096 — 18:09

[-]
Birthdays
Today's Birthdays
avatar (40)efynu
Upcoming Birthdays
avatar (39)Tedscolo
avatar (46)brakasig

[-]
Online Staff
There are no staff members currently online.

>