Connect with us

Community

Security Researchers Spot 150,000 Function-less npm Packages in Automated 'Token Farming' Scheme

Community

AMD Closes in on Intel in Latest Steam Hardware Survey

Community

A Decade of BBC Question Time Data Reveals Imbalance in Journalist Guests

Community

A Decade of BBC Question Time Data Reveals Imbalance in Journalist Guests

Community

A Decade of BBC Question Time Data Reveals Imbalance in Journalist Guests

Community

Ghana Tries To Regulate Online Prophecies

Community

Ghana Tries To Regulate Online Prophecies

Community

Ghana Tries To Regulate Online Prophecies

Community

How Nokia Went From iPhone Victim To $1 Billion Nvidia Deal

Community

Australia's Biggest Pension Fund To Cut Global Stocks Allocation on AI Concerns

Community

ASUS Announces Price Hikes Starting January 5

Community

No Standard iPhone 18 Launch This Year, Reports Suggest

Community

Iran Offers To Sell Advanced Weapons Systems For Crypto

Community

IDC Estimates Apple Shipped Just 45,000 Vision Pros Last Quarter

Community

Some of Your Cells Are Not Genetically Yours

Community

Security Researchers Spot 150,000 Function-less npm Packages in Automated ‘Token Farming’ Scheme

Published

2 months ago

on

[ad_1]

An anonymous reader shared this report from The Register:


Yet another supply chain attack has hit the npm registry in what Amazon describes as “one of the largest package flooding incidents in open source registry history” — but with a twist. Instead of injecting credential-stealing code or ransomware into the packages, this one is a token farming campaign.

Amazon Inspector security researchers, using a new detection rule and AI assistance, originally spotted the suspicious npm packages…

[ad_2]

Source link

Related Topics:
Continue Reading