TechSecInfo

The tech + cyber briefing: what happened, why it matters, and where it came from.

Cyber Security

Malicious npm Package Uses Hidden Prompt and Script to Evade AI Security Tools

By rooter

Cybersecurity researchers have disclosed details of an npm package that attempts to influence artificial intelligence (AI)-driven security scanners.
The package in question is eslint-plugin-unicorn-ts-2, which masquerades as a TypeScript extension of the popular ESLint plugin. It was uploaded to the registry by a user named “hamburgerisland” in February 2024. The package has been downloaded

Oh hi there đź‘‹
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

Oh hi there đź‘‹
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

By rooter

Related Post

Cyber Security

Fake PoCs, Misunderstood Risks Cause Cisco SD-WAN Chaos

rooter
Cyber Security

The Data Gap: Why Nonprofit Cyber Incidents Go Underreported

rooter
Cyber Security

Chinese Hackers Target Southeast Asian Militaries with AppleChris and MemFun Malware

rooter

Leave a Reply

You Missed

News

NASA officials sidestepped questions on Artemis II risks—there’s a reason why

News

Woman sneezes out maggots after fly larvae get trapped in her deviated septum

News

Slay the Spire 2 is a bit too familiar for its own good

News

Figuring out why AIs get flummoxed by some games