all InfoSec news
Weird npm package inside major software releases?
Feb. 26, 2024, 3 p.m. | /u/No-532
cybersecurity www.reddit.com
this might be a kind of stange question but do you recognize the npm package "yunlongzha\_test\_node"? I found it in the open source license listings for major firms, product lines and wonder what it does. Further analysis leads to some really strange GitHub account that has some really suspicious history of deletions and strange repos. I wonder if it is something malicious that has creeped its way into major software releases?
Just googling for it rings my alarm bells. …
account analysis cybersecurity found github history kind license major npm npm package open source package product question releases software software releases weird
More from www.reddit.com / cybersecurity
Jobs in InfoSec / Cybersecurity
Senior Security Specialist, Forsah Technical and Vocational Education and Training (Forsah TVET) (NEW)
@ IREX | Ramallah, West Bank, Palestinian National Authority
Consultant(e) Junior Cybersécurité
@ Sia Partners | Paris, France
Senior Network Security Engineer
@ NielsenIQ | Mexico City, Mexico
Senior Consultant, Payment Intelligence
@ Visa | Washington, DC, United States
Corporate Counsel, Compliance
@ Okta | San Francisco, CA; Bellevue, WA; Chicago, IL; New York City; Washington, DC; Austin, TX
Security Operations Engineer
@ Samsara | Remote - US