Dependency Confusion Exploit Being Used to Create More Copycat Packages

March 12, 2021

After the release of a proof-of-concept for a new dependency confusion vulnerability by a researcher, hundreds of bogus npm packages have popped up targeting Amazon, Zillow, Lyft, and Slack NodeJS apps.

click here to read full Article

Read more on Malware updates & News

Tags: confusion Copycat Create dependency dependency confusion attack exploit exploit attacks malicious packages Packages public repositories Slack Zillow

You may also like...

Leave a Reply Cancel reply