// 연도
2018년 사고
2018년 공개된 모든 사고, 날짜순 정렬.
2건 인덱싱됨
- ·HIGH7.4·confirmed
event-stream / flatmap-stream Backdoor (2018)
A new maintainer of the popular event-stream npm package added a malicious sub-dependency, flatmap-stream, that exfiltrated cryptocurrency wallet seeds from Copay-derived applications.
벡터 / npm supply chain플랫폼 / npm분량 / 4분 - ·HIGH7.6·confirmed
eslint-scope npm Publish Token Theft (2018)
An attacker stole an ESLint maintainer's npm credentials and published a malicious eslint-scope version that exfiltrated developer .npmrc tokens to a remote server.
벡터 / npm supply chain플랫폼 / npm분량 / 4분