Malicious npm Package Modifies Local 'ethers' Library to Launch Reverse Shell Attacks

Cybersecurity researchers have discovered two malicious packages on the npm registry that are designed to infect another locally installed package, underscoring the continued evolution of software supply chain attacks targeting the open-source ecosystem. The packages in question are ethers-provider2 and ethers-providerz, with the former downloaded 73 times to date since it was published on

Posted from: Click here for the full article.

留言

此網誌的熱門文章

CISA Adds NAKIVO Vulnerability to KEV Catalog Amid Active Exploitation

Microsoft Expands Free Logging Capabilities for all U.S. Federal Agencies

OttoKit WordPress Plugin Admin Creation Vulnerability Under Active Exploitation