Two Campaigns Drop Malicious Packages into NPM | allinfosecnews.com

Oct. 4, 2023, 5:10 p.m. | Jeffrey Burt

Security Boulevard securityboulevard.com

The popular NPM code registry continues to be a target of bad actors looking to sneak their malicious packages into open-source code used by software developers. Researchers with Fortinet’s FortiGuard Labs this week said they found almost three dozen malicious packages in the registry that contain scripts that make them difficult to be detected and..

The post Two Campaigns Drop Malicious Packages into NPM appeared first on Security Boulevard.

bad bad actors campaigns code cybersecurity data security developers devops featured fortinet found industry spotlight labs malicious malicious code npm malicious packages malware network security npm open source software supply chain packages popular registry researchers scripts security boulevard (original) software software developers source code spotlight target threat intelligence week

More from securityboulevard.com / Security Boulevard

Airsoft Data Breach Exposes Data of 75,000 Players 2 hours ago | securityboulevard.com

airsoft attack surface authentication breach +31

Palo Alto Networks Extends SASE Reach to Unmanaged Devices 6 hours ago | securityboulevard.com

alto devices devops devsecops +20

USENIX Security ’23 – Cryptographic Deniability: A Multi-perspective Study of User Perceptions and Expectations 6 hours ago | securityboulevard.com

access authors channel conference +17

The impact of automating open source dependency management 6 hours ago | securityboulevard.com

automation business consuming customer +14

Unlocking SMB Cybersecurity: The Rise of Virtual CISOs in 2024 and Beyond 6 hours ago | securityboulevard.com

align beyond business businesses +20

Navigating Container Security with AttackIQ’s Optimization Solutions 7 hours ago | securityboulevard.com

attackiq businesses challenge cloud security +19

CEO Discusses MDR Service With a Risk-Based Approach 8 hours ago | securityboulevard.com

aids apps artificial artificial intelligence +29

GitLab ‘Perfect 10’ Bug Gets a CISA Warning: PATCH NOW 8 hours ago | securityboulevard.com

agency analytics & intelligence api security bug +70

Our New “Days of Rage” Protest Activity and Considerations for Corporate Security 8 hours ago | securityboulevard.com

article attack college corporate +23

Senior Security Engineer - Detection and Response

@ Fastly, Inc. | US (Remote)

View on infosec-jobs.com

Application Security Engineer

@ Solidigm | Zapopan, Mexico

View on infosec-jobs.com

Defensive Cyber Operations Engineer-Mid

@ ISYS Technologies | Aurora, CO, United States

View on infosec-jobs.com

Manager, Information Security GRC

@ OneTrust | Atlanta, Georgia

View on infosec-jobs.com

Senior Information Security Analyst | IAM

@ EBANX | Curitiba or São Paulo

View on infosec-jobs.com

Senior Information Security Engineer, Cloud Vulnerability Research

@ Google | New York City, USA; New York, USA

View on infosec-jobs.com