Protestware taps npm to call out wars in Ukraine, Gaza | allinfosecnews.com

Nov. 16, 2023, 12:30 p.m. | paul.roberts@reversinglabs.com (Paul Roberts)

ReversingLabs Blog blog.reversinglabs.com

Newly discovered open source software packages on the npm platform contain scripts that broadcast peace messages related to ongoing conflicts in Ukraine and on the Gaza Strip when they are deployed, according to research conducted by ReversingLabs.

The packages are just the latest examples of so-called “protestware,” a recurrent issue in the open source software ecosystem in which application developers conceal political messages inside open source code, often designing it to display to the user it after an application is …

broadcast call called gaza gaza strip issue latest messages npm open source packages peace platform protestware research reversinglabs scripts software threat research ukraine

More from blog.reversinglabs.com / ReversingLabs Blog

Developers behaving badly: Why holistic AppSec is key 2 days, 18 hours ago | blog.reversinglabs.com

appsec appsec & supply chain security bad code +18

6 ways AI can help security teams punch back 3 days, 18 hours ago | blog.reversinglabs.com

back box chatgpt conversations +14

10 tips for building an enterprise threat modeling program 4 days, 18 hours ago | blog.reversinglabs.com

appsec & supply chain security building enterprise modeling +5

The AI executive order: What AppSec teams need to know 1 week, 2 days ago | blog.reversinglabs.com

ai executive order appsec appsec & supply chain security artificial +17

Don't let CVEs distract you: Shift your AppSec team's focus to malware 2 weeks, 3 days ago | blog.reversinglabs.com

application application security appsec app sec & supply chain security +13

How legacy AppSec is holding back Secure by Design 2 weeks, 3 days ago | blog.reversinglabs.com

3cx advocates application application security +17

ReversingLabs Launches Software Supply Chain Security Availability in AWS Marketplace 2 weeks, 3 days ago | blog.reversinglabs.com

application application security availability aws +17

Protestware taps npm to call out wars in Ukraine, Gaza 3 weeks, 2 days ago | blog.reversinglabs.com

broadcast call called gaza +16

Zero trust and threat modeling: Is it time for AppSec to get on board? 3 weeks, 3 days ago | blog.reversinglabs.com

appsec app sec & supply chain security architecture benefits +7

Security Specialist

@ Protect Democracy | Remote, US

View on infosec-jobs.com

Environmental Compliance Lead

@ EDF Energy | Bristol, GB

View on infosec-jobs.com

IT Consultant Network w/m/d Wireless (WiFi6, Mobilfunk 5G)

@ Computacenter | Berlin, DE, 12099

View on infosec-jobs.com

Senior - Cyber Infrastructure Protection

@ Deloitte | Madrid, España

View on infosec-jobs.com

GRC (Governance, Risk & Compliance) | 4 to 6 Years | Mumbai, Bengaluru & Chennai

@ Capgemini | Bengaluru, MH, IN

View on infosec-jobs.com

Technology Risk & Controls Advisory - Experienced Consultant

@ Wavestone | London, United Kingdom

View on infosec-jobs.com