Attackers who target developers through malicious packages hosted on the npm repository are using a new persistence technique that involves backdooring legitimate packages already installed in victims’ local environments. This tactic complicates incident response and infection clean-up efforts because it allows attackers to maintain access to the compromised development environments even after the malicious npm…
IT & Security News for Geeks