Back to directory

WRITEUP #2810

New npm Flaws Let Attackers Better Target Packages for Account Takeover

ReconInformation disclosure

byYakir Kadkoda

Program

GitHub

Published

Apr 5, 2022

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://blog.aquasec.com/npm-supply-chain-attack

▸ RELATED WRITEUPS

P3 (Medium) : How I Gain Access To NASA's Internal Workspace?!

ReconInformation disclosure

How I Got Bugs From Google Dorks

ReconInformation disclosure

How I can easily get four P1 at NASA using Simple Google Dorking.

ReconInformation disclosure

How 1 Exposed Honeywell API Gave us Control Over an Internal Engineering System

ReconMissing authentication

$1600 Bounty on a Main Domain

ReconSession fixation

Built with ❤️ by Shubham Rawat