Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
Researchers Discover Account Takeover Flaw in Popular NPM Package With Millions of Downloads
Malware and Vulnerabilities
February 17, 2023
The Hacker News
"The package can be taken over by recovering an expired domain name for one of its maintainers and resetting the password," software supply chain security company Illustria said in a report.
Read More
Account takeover attack
GitHub Actions
NPM Package
Supply Chain Vulnerability
Code Repository
Publisher
Previous
Hackers Leverage PayPal to Send Malicious Invoices
Identity Theft, Fraud, Scams
Next
Burton Snowboards Cancels Online Orders After 'Cyber In ...
Breaches and Incidents
/https://cyware-ent.s3.amazonaws.com/image_bank/e059_shutterstock_1193819023.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/0def_shutterstock_478778974.jpg)
