npm package – WindowsTechs.com

Malicious npm package exfiltrating data from UNIX systems

Posted on January 14, 2020 by Alina Bizga

A malicious JavaScript package was uploaded Dec. 30 2019 on the Node Package Manager (npm), the world’s largest software registry, containing over 800,000 code packages that developers use to write JavaScript applications. The package, identified… Continue reading Malicious npm package exfiltrating data from UNIX systems→

Cisco Takes Another Stab at Patching Recent WebEx Vulnerability

Posted on November 28, 2018 by Lucian Constantin

Cisco Systems has released a new patch for a remotely exploitable privilege escalation vulnerability after security researchers found that its previous fix was incomplete. The company first patched the vulnerability, known as WebExec or CVE-2018-15442… Continue reading Cisco Takes Another Stab at Patching Recent WebEx Vulnerability→

Rogue Developer Infects Widely Used NodeJS Module to Steal Bitcoins

Posted on November 27, 2018 by Mohit Kumar

A widely used third-party NodeJS module with nearly 2 million downloads a week was compromised after one of its open-source contributor gone rogue, who infected it with a malicious code that was programmed to steal funds stored in Bitcoin wallet apps.
… Continue reading Rogue Developer Infects Widely Used NodeJS Module to Steal Bitcoins→