Dark Reading
3 years ago
NPM Plagued With 'Manifest Confusion' Malware-Hiding Weakness
The popular package manager for software developers has been vulnerable to this attack vector for a while, and negligent in fixing the problem, according to a former employee.