all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

npm flooded with 748 packages that store movies

Add to bookmarks
Jan. 25, 2024, 5:05 p.m. | Ax Sharma

Sonatype Blog blog.sonatype.com




Meet npmjs.com, a video and eBook hosting platform — not our words, but it seems that's what goes in the mind of some users (and attackers) recently seen misusing the platform to store media like multi-gig movies, videos, and eBooks.

attackers devzone ebook ebooks gig goes hosting media movies npm npmjs packages platform store video videos vulnerabilities

Visit resource

More from blog.sonatype.com / Sonatype Blog

Sonatype Lifecycle best practices: Getting started and managing SBOMs 1 week ago | blog.sonatype.com
applications best practices critical dependencies +13
DevOps pioneers navigate organizational transformation 2 weeks ago | blog.sonatype.com
depth devops devops transformation download +13
Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens' 2 weeks, 2 days ago | blog.sonatype.com
cases dependency dependency confusion flood +19
The essential duo of SCA and SBOM management 2 weeks, 6 days ago | blog.sonatype.com
application application security attacks duo +16
Automating and maintaining SBOMs 3 weeks, 6 days ago | blog.sonatype.com
artifact automation bill components +11
CVE-2024-3094 The targeted backdoor supply chain attack against XZ and libzma 1 month ago | blog.sonatype.com
attack attacks backdoor bank +26
CVE-2024-3094 The targeted backdoor supply chain attack against XZ and liblzma 1 month ago | blog.sonatype.com
attack attacks backdoor bank +26
SBOM, VDR, and Maven: Transforming the Apache Logging experience to a common pattern 1 month ago | blog.sonatype.com
apache cyclonedx devzone experience +14
Cyber readiness and SBOMs 1 month ago | blog.sonatype.com
academic academic research advanced bills +22

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Data Privacy Manager m/f/d)

@ Coloplast | Hamburg, HH, DE
View on infosec-jobs.com

Cybersecurity Sr. Manager

@ Eastman | Kingsport, TN, US, 37660
View on infosec-jobs.com

KDN IAM Associate Consultant

@ KPMG India | Hyderabad, Telangana, India
View on infosec-jobs.com

Learning Experience Designer in Cybersecurity (f/m/div.) (Salary: ~113.000 EUR p.a.*)

@ Bosch Group | Stuttgart, Germany
View on infosec-jobs.com

Senior Security Engineer - SIEM

@ Samsara | Remote - US
View on infosec-jobs.com
View more jobs