LetsDefend: Hijacked NPM Package/Supply Chain Compromise

Hijacked NPM walkthrough

Preparation

Alert SOC158: Hijacked NPM Malware

Everything looks legit when I do the checks. UA Parser JS has been downloaded from its official site. I couldn't understand what is the problem.

--

--

--

Security Researcher [RED&BLUE]

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Wireless Hacking — Part9

Cybersecurity reporter Nicole Perlroth warns against cybersecurity complacency

{UPDATE} Mille Bornes Avenue Hack Free Resources Generator

A New Approach to Fraud Credit Card Transaction Prevention

Winners Announcement: MKX Airdrop Event 🪂

Remote Exploitation 101-Root The Box

How I Hacked & Reported Data Leak of 7 Million Users & Distributor’s Bank Details to Indane, IOCL

Windows Command Shell — Leveraging CMD To Execute Sneaky Stuff

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Michael Koczwara

Michael Koczwara

Security Researcher [RED&BLUE]

More from Medium

Attack Analysis — Cobalt Strike C2 & Hancitor/Malware

Cyber Kill Chain in Cyber Threat Intelligence

How can you recognize a crypto-miner in your environment?

A crypto mining farm

Critical CVEs: Why Chasing Squirrels is Driving the Whole Industry Nuts