Sonatype has identified new “dependency confusion” packages published to the npm ecosystem that are malicious in nature.
Article Link: https://blog.sonatype.com/malicious-dependency-confusion-copycats-exfiltrate-bash-history-and-etc-shadow-files
Sonatype has identified new “dependency confusion” packages published to the npm ecosystem that are malicious in nature.
Article Link: https://blog.sonatype.com/malicious-dependency-confusion-copycats-exfiltrate-bash-history-and-etc-shadow-files