Over 800 npm Packages Found with Discrepancies, 18 Exploitable to ‘Manifest Confusion’

New research has discovered over 800 packages in the npm registry which have discrepancies from their registry entries, out of which 18 have been found to exploit a technique called manifest confusion. The findings come from cybersecurity firm JFrog, which said the issue could be exploited by threat actors to trick developers into running malicious code.

Source: The Hacker News

 


Date:

Categorie(s):