Source |
Bleeping Computer |
Identifiant |
7414813 |
Date de publication |
2022-10-12 11:16:30 (vue: 2022-10-12 16:06:03) |
Titre |
New npm timing attack could lead to supply chain attacks |
Texte |
Security researchers have discovered an npm timing attack that reveals the names of private packages so threat actors can release malicious clones publicly to trick developers into using them instead. [...] |
Envoyé |
Oui |
Condensat |
actors attack attacks can chain clones could developers discovered have instead lead malicious names new npm packages private publicly release researchers reveals security supply them threat timing trick using |
Tags |
Threat
|
Stories |
|
Notes |
|
Move |
|