Otkriven malver u UA-Parser-JS, biblioteci koja se preuzme nekoliko miliona puta nedeljno

Otkriven malver u UA-Parser-JS, biblioteci koja se preuzme nekoliko miliona puta nedeljno

https://www.bleepingcomputer.com/news/security/pop... link-img
avatar

Iz članka:

Hackers hijacked the popular UA-Parser-JS NPM library, with millions of downloads a week, to infect Linux and Windows devices with cryptominers and password-stealing trojans in a supply-chain attack.

The UA-Parser-JS library is used to parse a browser's user agent to identify a visitor's browser, engine, OS, CPU, and Device type/model.

The library is immensely popular, with millions of downloads a week and over 24 million downloads this month so far. In addition, the library is used in over a thousand other projects, including those by Facebook, Microsoft, Amazon, Instagram, Google, Slack, Mozilla, Discord, Elastic, Intuit, Reddit, and many more well-known companies.

Due to the widespread impact of this supply-chain attack, it is strongly advised that all users of the UA-Parser-JS library check their projects for malicious software.

1

ULOGUJ SE I DODAJ KOMENTAR


Registruj ili prijavi.

VIDI POPULARNE POSTOVE


avatar Vukašin pre 15 sati
1
avatar Nikola pre 2 dana
avatar Nikola pre 2 dana