all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

npm package downloads another package while exfiltrating your IP address and username

Add to bookmarks
May 6, 2022, 10:11 a.m. | Ax Sharma

Security Boulevard securityboulevard.com




On any given day, Sonatype's security research team analyzes dozens to hundreds of suspicious packages published to open source registries including npm and PyPI.


The post npm package downloads another package while exfiltrating your IP address and username appeared first on Security Boulevard.

address dependency confusion devzone downloads featured ip ip address malware prevention nexus firewall npm npm package package username vulnerabilities

Visit resource

More from securityboulevard.com / Security Boulevard

Baby ASO: A Minimal Viable Transformation for Your SOC 14 hours ago | securityboulevard.com
aso axiom baby change +16
LabHost Phishing Platform is Latest Target of International Law Agencies 17 hours ago | securityboulevard.com
as-a-service countries cybercriminal cybersecurity +34
Choosing SOC Tools? Read This First [2024 Guide] 17 hours ago | securityboulevard.com
analytics & intelligence array centers clock +36
USENIX Security ’23 – GAP: Differentially Private Graph Neural Networks with Aggregation Perturbation 18 hours ago | securityboulevard.com
access aggregation authors channel +19
SafeBreach Coverage for AA24-109A (Akira Ransomware) 18 hours ago | securityboulevard.com
advisory akira akira ransomware cisa +12
Daniel Stori’s ‘WC’ 20 hours ago | securityboulevard.com
daniel daniel stori humor sarcasm +4
USENIX Security ’23 – Inductive Graph Unlearning 22 hours ago | securityboulevard.com
access authors channel conference +13
From DAST to dawn: why fuzzing is better solution | Code Intelligence 22 hours ago | securityboulevard.com
api security application applications application security +27
Cybersecurity Insights with Contrast CISO David Lindner | 4/19/24 1 day ago | securityboulevard.com
businesses can cisa ciso +16

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Security Officer Level 1 (L1)

@ NTT DATA | Virginia, United States of America
View on infosec-jobs.com

Alternance - Analyste VOC - Cybersécurité - Île-De-France

@ Sopra Steria | Courbevoie, France
View on infosec-jobs.com

Senior Security Researcher, SIEM

@ Huntress | Remote US or Remote CAN
View on infosec-jobs.com

Cyber Security Engineer Lead

@ ASSYSTEM | Bridgwater, United Kingdom
View on infosec-jobs.com
View more jobs