Back to directory
WRITEUP #1019

The massive bug at the heart of the npm ecosystem

AI / LLMSupply chain attackManifest confusion
by@darcy(Darcy Clarke)
Program
-
Published
Jun 27, 2023
Added to HackDex
Jul 3, 2023
Read Full Writeuphttps://blog.vlt.sh/blog/the-massive-hole-in-the-npm-ecosystem
RELATED WRITEUPS
Revival Hijack – PyPI hijack technique exploited in the wild, puts 22K packages at risk
AI / LLMCI/CD
GitHub Actions Exploitation: Repo Jacking And Environment Manipulation
AI / LLMRepojacking
Unmasking Harmful Content in a Medical Chatbot: A Red Team Perspective
AI / LLMAI
Microsoft Copilot: From Prompt Injection to Exfiltration of Personal Information
AI / LLMAI
Google AI Studio: LLM-Powered Data Exfiltration Hits Again! Quickly Fixed.
AI / LLMAI

Built with ❤️ by Shubham Rawat