User:SBassett (WMF)/Explorations/NodeNPM

NodeJS, npm, etc. security notes[edit]

Related Articles[edit]

• https://medium.com/intrinsic/common-node-js-attack-vectors-the-dangers-of-malicious-modules-863ae949e7e8
• https://nakedsecurity.sophos.com/2020/01/15/malicious-npm-package-taken-down-after-microsoft-warning/
• https://blog.cloudboost.io/npm-security-please-dont-blindly-follow-the-panic-f724871ba1a8
• https://lirantal.medium.com/malicious-modules-what-you-need-to-know-when-installing-npm-packages-12b2f56d3685
• https://medium.com/intrinsic/compromised-npm-package-event-stream-d47d08605502
• https://cdn2.hubspot.net/hub/203759/file-1100864196-pdf/docs/Contrast_-_Insecure_Libraries_2014.pdf
• https://www.npmjs.com/advisories