Background
On 9 December 2022, a number of malicious packages targeted at Python and JavaScript developers were discovered in PyPI and NPM. Details can be found here.
Mitigation
Some of Redstor's software development is done in JavaScript. We use software composition analysis (SCA) tools to monitor vulnerabilities in our code base. We have not been affected by this ransomware campaign thus far. In the interest of security, we have made our developers aware of the risk.
Comments
0 comments
Article is closed for comments.