One Article Review
| Source |  The Hacker News |
|---|---|
| Identifiant | 8310927 |
| Date de publication | 2023-02-17 00:00:00 (vue: 2023-02-16 19:06:55) |
| Titre | Researchers Hijack Popular NPM Package with Millions of Downloads |
| Texte | A popular npm package with more than 3.5 million weekly downloads has been found vulnerable to an account takeover attack. "The package can be taken over by recovering an expired domain name for one of its maintainers and resetting the password," software supply chain security company Illustria said in a report. While npm's security protections limit users to have only one active email address |
| Notes | ★★★ |
| Envoyé | Oui |
| Condensat | account active address attack been can chain company domain downloads email expired found has have hijack illustria said in its limit maintainers million millions more name npm one only over package password popular protections recovering report researchers resetting security software supply taken takeover than users vulnerable weekly |
| Tags | |
| Stories | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.