Series → #Rusty Pipes

• Rusty Pipes

  16 Jul 2024

  An npm supply chain exploit that checks for what packages you contribute to then injects a malicious rust binary into the next release.

• Rust in Peace: How to Hijack Node.js with a Single Require

  17 Aug 2024

  Discover how to exploit the Node.js ecosystem with Rust-based supply chain malware. Learn about the vulnerabilities in npm packages and how a single require line can compromise JavaScript projects. Explore security measures to prevent such attacks.