all InfoSec news
npm packages caught exfiltrating Kubernetes config, SSH keys
Sept. 19, 2023, 2:05 p.m. | Ax Sharma
Sonatype Blog blog.sonatype.com
The Sonatype Security Research team is currently tracking an ongoing campaign on the npm registry that uses npm packages to retrieve and exfiltrate your Kubernetes configuration and SSH keys to an external server.
campaign caught configuration devzone external keys kubernetes malware analysis npm packages registry research security security research server sonatype ssh ssh keys team tracking
More from blog.sonatype.com / Sonatype Blog
The essential duo of SCA and SBOM management
2 weeks, 6 days ago |
blog.sonatype.com
Automating and maintaining SBOMs
3 weeks, 6 days ago |
blog.sonatype.com
Jobs in InfoSec / Cybersecurity
Social Engineer For Reverse Engineering Exploit Study
@ Independent study | Remote
Information Security Specialist, Sr. (Container Hardening)
@ Rackner | San Antonio, TX
Principal Security Researcher (Advanced Threat Prevention)
@ Palo Alto Networks | Santa Clara, CA, United States
EWT Infosec | IAM Technical Security Consultant - Manager
@ KPMG India | Bengaluru, Karnataka, India
Security Engineering Operations Manager
@ Gusto | San Francisco, CA; Denver, CO; Remote
Network Threat Detection Engineer
@ Meta | Denver, CO | Reston, VA | Menlo Park, CA | Washington, DC