cognitive cybersecurity intelligence


Dangerous npm package ‘patches’ legitimate software with malware

Researchers at ReversingLabs have uncovered a malicious package, “ethers-provider2,” in the npm repository, which modifies a legitimate package to create a difficult-to-remove backdoor. The package targets the widely used Ethereum blockchain library, “ethers”. It replaces a file within the local ethers package with a malicious version, resulting in a persistent security threat. The package was removed from the repository after ReversingLabs reported it to npm.

Source: www.scmagazine.com
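Because the change described above lives in the legitimate package's own files, a defender has to check that package's contents and not only the dependency list. The following Node.js code is an added example, not from ReversingLabs or the original article: it hashes an installed package's files and compares them with a known-good baseline. The names `legit-lib`, `dropper-pkg` and `lib/provider.js` and the temp-directory layout are constructed stand-ins, and the baseline is assumed to be recorded from a trusted install.

```javascript
const crypto = require("crypto");
const fs = require("fs");
const os = require("os");
const path = require("path");

// Map every regular file under pkgDir (relative path) to its SHA-256 digest.
function hashTree(pkgDir, rel = "", out = {}) {
  for (const entry of fs.readdirSync(path.join(pkgDir, rel), { withFileTypes: true })) {
    const child = path.join(rel, entry.name);
    if (entry.isDirectory()) hashTree(pkgDir, child, out);
    else if (entry.isFile()) {
      out[child] = crypto.createHash("sha256")
        .update(fs.readFileSync(path.join(pkgDir, child))).digest("hex");
    }
  }
  return out;
}

// Compare the current tree against a trusted baseline manifest.
function diffAgainstBaseline(baseline, current) {
  const modified = [], added = [], missing = [];
  for (const f of Object.keys(baseline)) {
    if (!(f in current)) missing.push(f);
    else if (current[f] !== baseline[f]) modified.push(f);
  }
  for (const f of Object.keys(current)) if (!(f in baseline)) added.push(f);
  return { modified: modified.sort(), added: added.sort(), missing: missing.sort() };
}

// Constructed demo: a stand-in node_modules tree in a temp directory.
function demo() {
  const root = fs.mkdtempSync(path.join(os.tmpdir(), "nm-demo-"));
  const target = path.join(root, "node_modules", "legit-lib");    // hypothetical patched library
  const dropper = path.join(root, "node_modules", "dropper-pkg"); // hypothetical malicious package
  fs.mkdirSync(path.join(target, "lib"), { recursive: true });
  fs.mkdirSync(dropper, { recursive: true });
  fs.writeFileSync(path.join(target, "package.json"), '{"name":"legit-lib"}');
  fs.writeFileSync(path.join(target, "lib", "provider.js"), "module.exports = 1;\n");
  const baseline = hashTree(target); // recorded while the tree is known-good
  // Simulate the tampering: one file in the legitimate package is overwritten.
  fs.writeFileSync(path.join(target, "lib", "provider.js"), "module.exports = 2; // altered\n");
  // Removing the dropper does not restore the overwritten file.
  fs.rmSync(dropper, { recursive: true });
  const report = diffAgainstBaseline(baseline, hashTree(target));
  fs.rmSync(root, { recursive: true, force: true });
  return report;
}

console.log(demo());
```

Any entry under `modified` or `added` means the installed copy no longer matches the baseline and the package should be reinstalled from a trusted source.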
