Three JavaScript packages have been removed from the npm portal for containing malicious code
- From The Category5.TV Newsroom Episode 665
- October 21, 2020
Three JavaScript libraries found on the npm portal -- plutov-slack-client, nodetest199 and nodetest1010 -- opened shells on the computers of developers who imported the packages into their projects. The npm security team have removed the package, but are warning users that there is no guarantee this will remove all malicious software resulting from installing it.
Support This Free Content
Discussion
Subscribe to Tech TV
Mastodon
Discord
Twitter Posts
-
@RobbieFerguson Jun 30 @ 12:40amRT @TheAmpHour: “The role of most prototypes is to try to kill the idea” ~ @zackfreedman This week Zack joins @Chris_Gammell on a crossov…
Open Tweet -
@RobbieFerguson Jun 23 @ 7:08pm
RT @Category5TV: There are amazing, powerful alternatives to #RaspberryPi in full supply! We look at the @khadas_official #VIM4 and talk ab…
Open Tweet -
@Category5TV Jun 23 @ 7:08pmThere are amazing, powerful alternatives to #RaspberryPi in full supply! We look at the @khadas_official #VIM4 and… https://t.co/cf4sCrqh9p
Open Tweet -
@RobbieFerguson Jun 19 @ 9:39pm
Why do TV remotes still have so many buttons (most of which are useless) in 2022? I mean, digital cable killed the… https://t.co/7NlPxrqOGE
Open Tweet -
@RobbieFerguson Jun 19 @ 7:28pm
An overnight dry rub, 9 hours on the smoker, followed by a quick grilling. I've finally nailed it. As good as any r… https://t.co/Lrb9MK9syS
Open Tweet