|
jeffv via plug on 8 Nov 2021 10:34:22 -0800
|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
- From: jeffv via plug <plug@lists.phillylinux.org>
- To: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org>
- Subject: [PLUG] NPM-further
- Date: Mon, 8 Nov 2021 13:34:16 -0500
- Authentication-results: smtp02.aqua.bos.sync.lan smtp.user=jeffv@op.net; auth=pass (LOGIN)
- Dkim-signature: v=1; a=rsa-sha1; d=op.net; s=20180222; c=relaxed/simple; q=dns/txt; i=@op.net; t=1636396457; h=From:Subject:Date:To:MIME-Version:Content-Type; bh=32Cw7PJzCmNvaa4P884Ptw0D3U8=; b=B1fJX/khRU5rBInjuB9uPSDHgKAUpMVYaDPyCeYzrCCeRTcpTRV6SuBRkN3NYNBy cJWiEML27RztsEqwxHv5rtxfz6GfXuuszhAbeAnzUhwaKGtmyuyEP1riZjRCKmU2 LZFk/rYPBMj9tWVekhq2y8EP5hIrY1iGm9psmsipbNs7YBix1C2Njir4YogkJRwC VjjWyMzxOPvmiU7mnWJTqW+5gKGCrL8N0BPRy9PHfet5rnDrCI/1VM9ydryr4Czf MRvpTFHRc0rXq1LuszgSRGF8hl2K1JaKJyBDUdqUoSLLXrxLzUhU+fJdQFnz6T7P M3ooG0CwZ+oA2rT6Fo6Vvg==;
- Reply-to: jeffv <jeffv@op.net>
- Sender: "plug" <plug-bounces@lists.phillylinux.org>
- User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.2.1
Two NPM Packages With 22 Million Weekly Downloads Found Backdoored
https://thehackernews.com/2021/11/two-npm-packages-with-22-million-weekly.html
The two libraries in question are "coa," a parser for command-line
options, and "rc," a configuration loader, both of which were tampered
by an unidentified threat actor to include "identical" password-stealing
malware
Waterfox: A Firefox fork that could teach Mozilla a lesson
https://www.theregister.com/2021/11/04/waterfox_firefox_fork/
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug