home.social

#maliciouspackages — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #maliciouspackages, aggregated by home.social.

  1. Mini Shai-Hulud Campaign Targets npm Ecosystem with Malicious AntV Packages

    A large-scale attack has infected hundreds of popular npm packages, including widely-used data visualization and React components, with malicious updates, putting a vast number of projects and applications at risk. The attackers published 639 malicious versions across 323 unique packages in a fast-moving supply chain operation.

    osintsights.com/mini-shai-hulu

    #SupplyChain #MaliciousPackages #NpmEcosystem #Antv #React

  2. #PhantomRaven is back 👻🐦‍⬛ We found 3 new waves distributing 88 #maliciouspackages (81 still live on npm). Packages look clean, but a hidden URL in package.json pulls credential-stealing malware.
    endorlabs.com/learn/return-of-

  3. WhatsApp devs, beware: rogue npm packages disguised as legit libraries can unleash a data wipe (rm -rf *) and hide a secret exfiltration function. How safe is your code when even kill switches are in play? Dive deeper.

    thedefendopsdiaries.com/unmask

    #npmsecurity
    #whatsappdevelopers
    #supplychainattack
    #cybersecurity
    #maliciouspackages

  4. WhatsApp devs, beware: rogue npm packages disguised as legit libraries can unleash a data wipe (rm -rf *) and hide a secret exfiltration function. How safe is your code when even kill switches are in play? Dive deeper.

    thedefendopsdiaries.com/unmask

    #npmsecurity
    #whatsappdevelopers
    #supplychainattack
    #cybersecurity
    #maliciouspackages

  5. WhatsApp devs, beware: rogue npm packages disguised as legit libraries can unleash a data wipe (rm -rf *) and hide a secret exfiltration function. How safe is your code when even kill switches are in play? Dive deeper.

    thedefendopsdiaries.com/unmask

    #npmsecurity
    #whatsappdevelopers
    #supplychainattack
    #cybersecurity
    #maliciouspackages

  6. OpenSSF Malicious Packages: This repository is a collection of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerability (OSV) format: github.com/ossf/malicious-pack

    #MaliciousPackages #osv #openssf

  7. OpenSSF Malicious Packages: This repository is a collection of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerability (OSV) format: github.com/ossf/malicious-pack

    #MaliciousPackages #osv #openssf

  8. OpenSSF Malicious Packages: This repository is a collection of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerability (OSV) format: github.com/ossf/malicious-pack

    #MaliciousPackages #osv #openssf

  9. I had #ChatGPT write a #Python script to scan my machines for the infected packages mentioned in this @BleepingComputer article. I've tested it on my work laptop and that is it. Please feel free to test it out and let me know if it works.

    github.com/ludothegreat/Python

    #PythonSecurity #MaliciousPackages #DataProtection #PythonScript #InfoSec #cybersecurity #PythonPackages

  10. I had #ChatGPT write a #Python script to scan my machines for the infected packages mentioned in this @BleepingComputer article. I've tested it on my work laptop and that is it. Please feel free to test it out and let me know if it works.

    github.com/ludothegreat/Python

    #PythonSecurity #MaliciousPackages #DataProtection #PythonScript #InfoSec #cybersecurity #PythonPackages

  11. I had #ChatGPT write a #Python script to scan my machines for the infected packages mentioned in this @BleepingComputer article. I've tested it on my work laptop and that is it. Please feel free to test it out and let me know if it works.

    github.com/ludothegreat/Python

    #PythonSecurity #MaliciousPackages #DataProtection #PythonScript #InfoSec #cybersecurity #PythonPackages

  12. I had #ChatGPT write a #Python script to scan my machines for the infected packages mentioned in this @BleepingComputer article. I've tested it on my work laptop and that is it. Please feel free to test it out and let me know if it works.

    github.com/ludothegreat/Python

    #PythonSecurity #MaliciousPackages #DataProtection #PythonScript #InfoSec #cybersecurity #PythonPackages

  13. I had #ChatGPT write a #Python script to scan my machines for the infected packages mentioned in this @BleepingComputer article. I've tested it on my work laptop and that is it. Please feel free to test it out and let me know if it works.

    github.com/ludothegreat/Python

    #PythonSecurity #MaliciousPackages #DataProtection #PythonScript #InfoSec #cybersecurity #PythonPackages