Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack

The developers of Rspack have revealed that two of their npm packages, @rspack/core and @rspack/cli, were compromised in a software supply chain attack that allowed a malicious actor to publish malicious versions to the official package registry with cryptocurrency mining malware. Following the discovery, versions 1.1.7 of both libraries have been unpublished from the npm registry. The latest

Posted from: Click here for the full article.

留言

此網誌的熱門文章

CISA Adds NAKIVO Vulnerability to KEV Catalog Amid Active Exploitation

Microsoft Expands Free Logging Capabilities for all U.S. Federal Agencies

OttoKit WordPress Plugin Admin Creation Vulnerability Under Active Exploitation