Backdoors in Python and NPM Packages Target Windows and Linux
Backdoors in Python and NPM Packages Target Windows and Linux
hackread.com
Backdoors in Python and NPM Packages Target Windows and Linux
1 comments
-
This means an attacker is using a name from one platform to target users of another, a rarely seen tactic.
Really? That sounds like a pretty obvious attack strategy.
I can think of a couple of ways to make this attack even more effective, with very little sophistication.
I don't understand why package signing isn't common on these platforms.