- NPM security: preventing supply chain attacks | Snyk blog https://snyk.io/blog/npm-security-preventing-supply-chain-attacks/ 3 comments node
Linking pages
Linked pages
- Alert: peacenotwar module sabotages npm developers in the node-ipc package to protest the invasion of Ukraine | Snyk https://snyk.io/blog/peacenotwar-malicious-npm-node-ipc-package-vulnerability/ 405 comments
- Why npm lockfiles can be a security blindspot for injecting malicious modules | Snyk https://snyk.io/blog/why-npm-lockfiles-can-be-a-security-blindspot-for-injecting-malicious-modules/ 160 comments
- What is a backdoor? Let's build one with Node.js | Snyk https://snyk.io/blog/what-is-a-backdoor/ 46 comments
- Trojan Source Attacks https://www.trojansource.codes/ 39 comments
- Google Online Security Blog: Introducing SLSA, an End-to-End Framework for Supply Chain Integrity https://security.googleblog.com/2021/06/introducing-slsa-end-to-end-framework.html 27 comments
- Typosquatting attacks | Snyk Blog https://snyk.io/blog/typosquatting-attacks/ 25 comments
- SLSA • Supply-chain Levels for Software Artifacts http://slsa.dev/ 3 comments
- Snyk finds 200+ malicious npm packages, including Cobalt Strike dependency confusion attacks | Snyk https://snyk.io/blog/snyk-200-malicious-npm-packages-cobalt-strike-dependency-confusion-attacks/ 2 comments
- GitHub - lirantal/lockfile-lint: Lint an npm or yarn lockfile to analyze and detect security issues https://github.com/lirantal/lockfile-lint 2 comments
- 10 npm Security Best Practices | Snyk https://snyk.io/blog/ten-npm-security-best-practices/ 2 comments
- Snyk Open Source Advisor | Snyk https://snyk.io/advisor/ 1 comment
- GitHub - lirantal/eslint-plugin-anti-trojan-source: ESLint plugin to detect and stop Trojan Source attacks https://github.com/lirantal/eslint-plugin-anti-trojan-source 0 comments
- Open source maintainer pulls the plug on npm packages colors and faker, now what? | Snyk https://snyk.io/blog/open-source-npm-packages-colors-faker/ 0 comments
- Detect and prevent dependency confusion attacks on npm to maintain supply chain security | Snyk https://snyk.io/blog/detect-prevent-dependency-confusion-attacks-npm-supply-chain-security/ 0 comments
- Targeted npm dependency confusion attack caught red-handed | Snyk https://snyk.io/blog/npm-dependency-confusion-attack-gxm-reference 0 comments
- GitHub - lirantal/npq: 🎖safely* install packages with npm or yarn by auditing them as part of your install process https://github.com/lirantal/npq 0 comments