Lone attacker published 14 malicious npm packages mimicking popular OpenSearch, Elasticsearch libraries
Source: Theregister
Published:
<p>A single npm user on Thursday published 14 malicious packages within a four-hour window, all mimicking popular OpenSearch, Elasticsearch, DevOps, and environment-configuration libraries, according to Microsoft.</p> <p>It’s the latest in a seemingly never-ending string of supply chain attacks targ