TechSecInfo

The tech + cyber briefing: what happened, why it matters, and where it came from.

Cyber Security

GitHub to Disable npm Install Scripts by Default to Stop Supply Chain Attacks

By rooter

GitHub has announced what it said are “breaking changes” coming to npm version 12, one of which turns off install scripts by default to combat software supply chain threats.

The changes aim to combat attack techniques that abuse the “npm install” command to trigger the execution of malicious code using npm lifecycle hooks. “Npm install” is used to download and install all the necessary

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

By rooter

Related Post

Cyber Security

Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication

rooter
Cyber Security

Zero Trust For AI In Defense Networks

rooter
Cyber Security

Why Antidetect Browsers Are Becoming Core Infrastructure for SaaS Growth Teams

rooter

Leave a Reply

You Missed

News

Never Post’s Mike Rugnetta on the creative process and the value of reliable power

Cyber Security

Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication

Cyber Security

Zero Trust For AI In Defense Networks

Cyber Security

Why Antidetect Browsers Are Becoming Core Infrastructure for SaaS Growth Teams