GitHub fixes 2 npm registry vulnerabilities
GitHub has fixed two node package manager (npm) registry vulnerabilities, one of those could allow an attacker to publish new versions of an npm package without proper authorization.
GitHub has fixed two node package manager (npm) registry vulnerabilities, one of those could allow an attacker to publish new versions of an npm package without proper authorization.
Embedded malware has been discovered in an NPM package ua-parser-js, a popular JavaScript library designed to detect browser, engine, OS, CPU, and device type/model from User-Agent data.