Date: Tue, 03 Nov 2020 19:36:53 GMT
<p>SonaType detected a Malware in NPM registry imitating to be Twilio package that opens a reverse connection to a remote server and allows attacker to access your local machine content. Let us discuss</p> <p>Since this command is unix specific it won’t work on Windows</p> <p>https://blog.sonatype.com/twilio-npm-is-brandjacking-malware-in-disguise</p> <p><br /></p> <p><br /></p> <p>Resources</p> <p>SSH Tunneling https://youtu.be/N8f5zv9UUMI</p> <p>Ngrok https://www.youtube.com/watch?v=pR2qNnVIuKE</p> <p><br /></p>