Researchers have identified two malware-containing packages on the npm registry, ethers-provider2 and ethers-providerz. The packages infect locally installed software and could lead to persistent attacks on the open-source ecosystem. Despite their low download rates, the packages pose a significant threat to systems even if removed, highlighting the need for careful scrutiny of packages from open-source repositories.

What are business logic vulnerabilities?
Business logic vulnerabilities in software allow attackers to exploit flaws in design, enabling them to circumvent security measures and manipulate pricing, authentication, and other key