Attackers are exploiting the good reputation and “openness” of the popular public JavaScript software registry NPM to deliver malware and scams, but are also simultaneously and inadvertently launching DoS attacks against the service. Malicious package on NPM pointing to a site serving malware (Source: Checkmarx) “The unstoppable load created by those automated scripts made NPM unstable with sporadic “Service Unavailable” errors. I can witness in the past week it happened to me and my colleagues … More
The post Flood of malicious packages results in NPM registry DoS appeared first on Help Net Security.