Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
NPM Registry Found to be Vulnerable to 'Manifest Confusion' Abuse
Malware and Vulnerabilities
June 28, 2023
The Register
The npm Public Registry, a database of JavaScript packages, fails to compare npm package manifest data with the archive of files that data describes, creating an opportunity for the installation and execution of malicious files.
Read More
Manifest Confusion
JavaScript packages
Package Manifest Data
Supply Chain Vulnerability
Improper Manifest Validation
Publisher
Previous
Astrix Security, which uses ML to secure app integratio ...
Companies to Watch
Next
Ukraine Cracks Down on Investment Scams, Raids Call Cen ...
Incident Response, Learnings
/https://cyware-ent.s3.amazonaws.com/image_bank/4efd_shutterstock_764318389.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/e5b4_shutterstock_645221908.jpg)
