Back to directory
WRITEUP #2091

Threat Alert: Private npm Packages Disclosed via Timing Attacks

AI / LLMTiming attackSupply chain attack
byYakir Kadkoda
Program
GitHub
Published
Oct 12, 2022
Added to HackDex
Oct 17, 2022
Read Full Writeuphttps://blog.aquasec.com/private-packages-disclosed-via-timing-attack-on-npm
RELATED WRITEUPS
Revival Hijack – PyPI hijack technique exploited in the wild, puts 22K packages at risk
AI / LLMCI/CD
GitHub Actions Exploitation: Repo Jacking And Environment Manipulation
AI / LLMRepojacking
Unmasking Harmful Content in a Medical Chatbot: A Red Team Perspective
AI / LLMAI
Microsoft Copilot: From Prompt Injection to Exfiltration of Personal Information
AI / LLMAI
Google AI Studio: LLM-Powered Data Exfiltration Hits Again! Quickly Fixed.
AI / LLMAI

Built with ❤️ by Shubham Rawat