注册并分享邀请链接,可获得视频播放与邀请奖励。

Socket (@SocketSecurity) “🚨 Socket detected malicious activity in newly published versions of node-ipc, a” — TopicDigg

Socket 的个人资料封面
Socket 的头像
Socket
@SocketSecurity
Socket is the #1# software supply chain security platform. Next-gen SCA + SBOM + 0-day prevention. LOVED BY DEVELOPERS. 👀 @npm_malware
加入 November 2021
4.6K 正在关注    17.1K 粉丝
🚨 Socket detected malicious activity in newly published versions of node-ipc, an npm package with 822K weekly downloads. Affected versions: node-ipc@9.1.6 node-ipc@9.2.3 node-ipc@12.0.1 Socket’s AI scanner flagged the malware within ~3 minutes of publication. Early analysis shows obfuscated stealer/backdoor behavior, including host fingerprinting, local file enumeration, payload wrapping, and attempted exfiltration.
显示更多
0
23
565
116
转发到社区