Installing This Twilio Malware NPM Package Opens a Backdoor on Your Developer Machine
The Backend Engineering Show with Hussein Nasser - A podcast by Hussein Nasser
Categorie:
SonaType detected a Malware in NPM registry imitating to be Twilio package that opens a reverse connection to a remote server and allows attacker to access your local machine content. Let us discuss Since this command is unix specific it won’t work on Windows https://blog.sonatype.com/twilio-npm-is-brandjacking-malware-in-disguise Resources SSH Tunneling https://youtu.be/N8f5zv9UUMI Ngrok https://www.youtube.com/watch?v=pR2qNnVIuKE