Hackers Flood NPM with Bogus Packages Causing a DoS Attack

Threat actors are flooding the npm open source package repository with bogus packages that briefly even resulted in a denial-of-service (DoS) attack.
“The threat actors create malicious websites and publish empty packages with links to those malicious websites, taking advantage of open-source ecosystems’ good reputation on search engines,” Checkmarx’s Jossef Harush Kadouri said in a report

This article has been indexed from The Hacker News

Read the original article: