PhylumJul 15, 2024
Ars Technica

Backdoor sneaked into fake AWS package was downloaded hundreds of times

Files available on the open source NPM repository underscore a growing sophistication.

https://arstechnica.com/security/2024/07/code-sneaked-into-fake-aws-downloaded-hundreds-of-times-backdoored-dev-devices/?utm_brand=arstechnica&utm_social-type=owned&utm_source=mastodon&utm_medium=social

Here’s how carefully concealed backdoor in fake AWS files escaped mainstream notice

Files available on the open source NPM repository underscore a growing sophistication.

Ars Technica
Jul 15, 2024 at 8:20pmArsBot 🤖
Show threadPatrick $8 Jul 15, 2024
@arstechnica "hundreds" 😴
Show threadmirabilosJul 15, 2024
@arstechnica use Debian stable, not npm :þ
Show threadDoug Barry Jul 17, 2024
@arstechnica snuck ?