Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
New Python Tool Checks NPM Packages for Manifest Confusion Issues
Malware and Vulnerabilities
July 04, 2023
Bleeping Computer
A malicious actor could manipulate the manifest data of a new package, and potentially expose developers to risks such as cache poisoning, installation of unknown dependencies, execution of unknown scripts, and possibly even downgrade attacks.
Read More
npm Packages
Manifest Confusion
GitHub
NPM Manifest Confusion Checker
Python-based tools
Publisher
Previous
New Malware Alert: EarlyRAT Linked to North Korean Hack ...
Malware and Vulnerabilities
Next
DDoSia Attack Tool Evolves with Encryption, Targeting M ...
Malware and Vulnerabilities
/https://cyware-ent.s3.amazonaws.com/image_bank/580d_Shutterstock_2240496659.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/shutterstock_286860539.jpg)
