Hijacking S3 Buckets: New Attack Technique
Hijacking S3 Buckets: New Attack Technique
checkmarx.com Hijacking S3 Buckets: New Attack Technique
Without altering a single line of code, attackers poisoned the NPM package “bignum” by hijacking the S3 bucket serving binaries necessary for its function and replacing them with malicious ones
![Hijacking S3 Buckets: New Attack Technique](https://sh.itjust.works/pictrs/image/12c5dfc5-8155-4d0b-bd1c-e259db0f8582.jpeg?format=webp&thumbnail=256)
It seems like attackers have discovered a way to leverage NPM packages to deliver malicious binaries without needing to make any changes to the NPM package itself.
0
comments