Supply Chain Attack Hits Axios NPM Packages
Axios is a dependency in nearly 80% of all cloud and code environments and sees approximately 100 million downloads per week.
The flaw is in the way that the telnetd server handles some specific user-supplied data. An attacker who exploits this vulnerability would be able to bypass the authentication path and gain root privileges.
GitHub said the changes will help "fortify the security of the software supply chain" after a recent surge of attacks targeting the npm ecosystem.