Post A0FMV5uTAfYa4BlUaO by infosechandbook@chaos.social
 (DIR) More posts by infosechandbook@chaos.social
 (DIR) Post #A0FMV5uTAfYa4BlUaO by infosechandbook@chaos.social
       2020-10-17T08:14:38Z
       
       0 likes, 4 repeats
       
       Three npm packages found opening shells on Linux, Windows systems:https://www.zdnet.com/article/three-npm-packages-found-opening-shells-on-linux-windows-systems/The packages are plutov-slack-client, nodetest199, and nodetest1010.npm security team: "Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer."#npm #JavaScript #Vulnerability #Backdoor #InfoSec #Security #CyberSecurity