Web: https://securityboulevard.com/2022/04/this-week-in-malware-npm-backdoors-bugs-mystery-placeholders/

April 29, 2022, 3:46 p.m. | Ax Sharma

Security Boulevard securityboulevard.com




This week in malware, Sonatype's automated malware detection systems flagged npm packages laced with embedded backdoors. Additionally, the latest highlights include an interesting pattern of "mystery placeholder" packages seen on npm in the past few days and a dangerous npm flaw that allowed attackers to add anyone as a 'maintainer' to their malicious packages. 


The post This Week in Malware—npm backdoors, bugs, ‘mystery placeholders’ appeared first on Security Boulevard.

backdoors bugs devzone featured malware nexus firewall npm this week in malware vulnerabilities

Information Systems Security Officer (ISSO)

@ Spry Methods | Denver, CO

Client Manager - Cybersecurity - Nashville Enterprise

@ Optiv | Nashville, TN

Threat Analyst | Remote, USA

@ Optiv | Minneapolis, MN

Senior Cyber Security SME

@ Node.Digital | Dulles, Virginia, United States

Junior Security Engineer, Applications

@ BetterHelp | Mountain View, California, United States

Information Security Analyst II

@ SOPHiA GENETICS | Lausanne, Vaud, Switzerland

Product Security Engineer

@ Elastic | United States

Senior Network Exploitation Analyst

@ Barbaricum | Washington, DC

Junior Security Engineer, Blue Team

@ BetterHelp | Mountain View, California, United States

Security Analyst, Security Operations (Threat Hunting, Operations, and Response)

@ GitHub | Remote - US

Security Engineer III - Information Security, Active Directory

@ Riot Games, Inc. | Los Angeles, USA

Staff Security Engineer, Application Security

@ Lyft | Mexico City, Mexico