Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


In this Discussion

IconBurst: NPM software supply chain attack grabs data from apps, websites
New on LowEndTalk? Please Register and read our Community Rules.

IconBurst: NPM software supply chain attack grabs data from apps, websites

DPDP Member, Moderator, The Domain Guy
edited July 5 in News

DP's CPN (Copy & Paste News) ✌️

ReversingLabs researchers have uncovered a widespread campaign to install malicious NPM modules that are harvesting sensitive data from forms embedded in mobile applications and websites.


Reference: https://blog.reversinglabs.com/blog/iconburst-npm-software-supply-chain-attack-grabs-data-from-apps-websites


End of DP's CPN (Copy & Paste News) ✌️
Thanked by 2tjn stevewatson301

Comments

  • edited July 5

    Tinyweasel would be proud.

    Maybe people need to write integration tests that load their webpages and verify that the requested domains match the expected ones.

Sign In or Register to comment.