SecBoard
Zurück zur Übersicht
ManagerRed-TeamerIT/SaaS

GitHub to Disable npm Install Scripts by Default to Stop Supply Chain Attacks

The Hacker News·
Originalartikel lesen bei The Hacker News

GitHub has announced what it said are "breaking changes" coming to npm version 12, one of which turns off install scripts by default to combat software supply chain threats. The changes aim to combat attack techniques that abuse the "npm install" command to trigger the execution of malicious code...

MITRE ATT&CK Kill Chain (1 Techniken)

Reconnaissance
T1592.002

Software

Vollständigen Artikel lesen bei The Hacker News

Verwandte Artikel

Anthropic Says It Has Taken Its Latest AI Models Offline to Comply With New Export Controls

SecurityWeek·vor etwa 4 Stunden

U.S. Orders Anthropic to Suspend Fable 5 and Mythos 5 Access for Foreign Nationals

The Hacker News·vor etwa 5 Stunden

Tracing Digital Intent: New MacOS Tahoe 26 Artifact Discovered

Unit 42·vor etwa 12 Stunden

Friday Squid Blogging: Squid-Inspired Fluid Pump

Schneier on Security·vor etwa 13 Stunden

ShinyHunters Uses Oracle Zero-Day to Rampage Higher Ed

Dark Reading·vor etwa 14 Stunden