This Week in Malware: killing Windows Defender with an npm package

Posted on 17 June 2022

From blog.sonatype.com

This Week in Malware, highlights include malicious npm package ‘flame-vali’ that claims to let developers “bypass any request proxys.” But that’s not quite the case. And, some more dependency confusion packages caught by us.

Read more…