Three JavaScript packages have been removed from the npm portal for containing malicious code

Channel:

Category5 Technology TV with Robbie Ferguson

Subscribers:

35,900

Published on October 24, 2020 2:32:08 PM ● Video Link: https://www.youtube.com/watch?v=MTsBrLzSQsQ

Duration: 2:30

120 views

❤️️ Join us on Patreon: https://patreon.com/Category5

💻 Visit Our Web Site: https://Category5.TV

🐦 Twitter: https://twitter.com/Category5TV

👍 Facebook: https://facebook.com/cat5tv/

📸 Instagram: https://instagram.com/category5tv

Three JavaScript libraries found on the npm portal -- plutov-slack-client, nodetest199 and nodetest1010 -- opened shells on the computers of developers who imported the packages into their projects. The npm security team have removed the package, but are warning users that there is no guarantee this will remove all malicious software resulting from installing it.

Other Videos By Category5 Technology TV with Robbie Ferguson

2020-11-01	NASA successfully touched down on an asteroid to collect a sample
2020-11-01	SpaceX Starlink Internet service beta has begun
2020-10-31	Ubuntu Desktop is now OFFICIAL on Raspberry Pi 4
2020-10-31	Zoom end-to-end encryption FREE for all users
2020-10-31	youtube-dl Under Attack by RIAA: DMCA Takedown
2020-10-31	AI Turns Any Selfie Photo Into SCARY ZOMBIE
2020-10-31	The Orville SCARY HALLOWEEN GAME
2020-10-25	FREE DIY Internet Proxy Server Anywhere In The World
2020-10-25	Jeff hopes to create his own PCBs, but Robbie prefers prototype boards ... for now.
2020-10-24	Compute Module 4 has been released from Raspberry Pi
2020-10-24	Three JavaScript packages have been removed from the npm portal for containing malicious code
2020-10-24	Xiaomi 80W Wireless Charge 100% in 19 Minutes!
2020-10-24	Nokia is building a 4G cellular network... on the moon.
2020-10-24	Hackers are using a severe Windows bug to compromise un-patched servers
2020-10-23	We told Jeff to look at the camera more
2020-10-20	Apple pwned, Update Breaks Windows 10 Update, Pin Puzzle ads banned, iPhone 12, Micro:bit Upgraded
2020-10-17	Apple's new iPhone lineup has been announced
2020-10-17	The BBC Micro:bit is getting a big upgrade, making it powerful enough for AI applications
2020-10-17	Misleading pin puzzle ads have been banned in the UK
2020-10-17	An optional update in Windows 10 breaks its ability to upgrade in future
2020-10-16	I Paid People on Fiverr to Remix my Theme Song Like a Retro 8-Bit Video Game

Tags:

javascript

npm portal

malicious code

exploit

shell

libraries

npm security team

security

development

vulnerability

backdoor

plutov-slack-client

nodetest199

nodetest1010

bekah ferguson

Channel	Latest
Forever	6 hours ago
ThorJay Tv	6 hours ago
Martadinata Games	7 hours ago
BillyJayGaming	7 hours ago
Will Jace TS	7 hours ago
Alper Biçen	7 hours ago
LMA TV VLOG	7 hours ago
Richard Yamato	7 hours ago
ShadesOfNate	7 hours ago
PhoenixEraser	7 hours ago
Templayer	7 hours ago
HELLO TELUGU GAMER'S	8 hours ago
MOBYDICK	8 hours ago
Wolfyowns	8 hours ago
Poppy Nutella	8 hours ago
Bandai Namco Entertainment	8 hours ago
Koinsky	8 hours ago
IndieGameplayITA	8 hours ago
iXBT.com	8 hours ago
Square Biz Gaming	8 hours ago
BeaconCream	8 hours ago
AyorSaeba	8 hours ago
Tiger_Skif	8 hours ago
The Lazy Monday	8 hours ago
Bali Local Story	8 hours ago