all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

npm package disables Windows Defender before dropping trojan

Add to bookmarks
June 13, 2022, 2:28 p.m. | Ax Sharma

Sonatype Blog blog.sonatype.com




Last week, Sonatype's automated malware detection systems flagged npm package 'flame-vali' that claims to let developers "bypass any request proxys." But that's not quite the case.

defender devzone featured malware prevention nexus firewall npm npm package package trojan vulnerabilities windows windows defender

Visit resource

More from blog.sonatype.com / Sonatype Blog

Sonatype Lifecycle best practices: Getting started and managing SBOMs 22 hours ago | blog.sonatype.com
applications best practices critical dependencies +13
DevOps pioneers navigate organizational transformation 1 week ago | blog.sonatype.com
depth devops devops transformation download +13
Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens' 1 week, 2 days ago | blog.sonatype.com
cases dependency dependency confusion flood +19
The essential duo of SCA and SBOM management 1 week, 6 days ago | blog.sonatype.com
application application security attacks duo +16
Automating and maintaining SBOMs 2 weeks, 6 days ago | blog.sonatype.com
artifact automation bill components +11
CVE-2024-3094 The targeted backdoor supply chain attack against XZ and libzma 3 weeks, 4 days ago | blog.sonatype.com
attack attacks backdoor bank +26
CVE-2024-3094 The targeted backdoor supply chain attack against XZ and liblzma 3 weeks, 4 days ago | blog.sonatype.com
attack attacks backdoor bank +26
SBOM, VDR, and Maven: Transforming the Apache Logging experience to a common pattern 3 weeks, 6 days ago | blog.sonatype.com
apache cyclonedx devzone experience +14
Cyber readiness and SBOMs 4 weeks, 2 days ago | blog.sonatype.com
academic academic research advanced bills +22

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Security Compliance Architect - Experian Health (Can be REMOTE from anywhere in the US)

@ Experian | ., ., United States
View on infosec-jobs.com

IT Security Specialist

@ Ørsted | Kuala Lumpur, MY
View on infosec-jobs.com

Senior, Cyber Security Analyst

@ Peloton | New York City
View on infosec-jobs.com

Cyber Security Engineer | Perimeter | Firewall

@ Garmin Cluj | Cluj-Napoca, Cluj County, Romania
View on infosec-jobs.com

Pentester / Ethical Hacker Web/API - Vast/Freelance

@ Resillion | Brussels, Belgium
View on infosec-jobs.com
View more jobs