all InfoSec news
Weird npm package inside major software releases?
Feb. 26, 2024, 3 p.m. | /u/No-532
cybersecurity www.reddit.com
this might be a kind of stange question but do you recognize the npm package "yunlongzha\_test\_node"? I found it in the open source license listings for major firms, product lines and wonder what it does. Further analysis leads to some really strange GitHub account that has some really suspicious history of deletions and strange repos. I wonder if it is something malicious that has creeped its way into major software releases?
Just googling for it rings my alarm bells. …
account analysis cybersecurity found github history kind license major npm npm package open source package product question releases software software releases weird
More from www.reddit.com / cybersecurity
How does hiring in APT groups work?
13 hours ago |
www.reddit.com
State of WiFi Security in 2024
14 hours ago |
www.reddit.com
Prioritize Blue Team for Cybersecurity Success
16 hours ago |
www.reddit.com
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Sr. Product Manager
@ MixMode | Remote, US
Corporate Intern - Information Security (Year Round)
@ Associated Bank | US WI Remote
Senior Offensive Security Engineer
@ CoStar Group | US-DC Washington, DC