Research
- Anatomy of a Malicious Package: The Install-Time Playbook
A field guide to the techniques attackers hide inside npm, PyPI, and Crates packages, and the benign look-alikes that make them hard to catch.
A field guide to the techniques attackers hide inside npm, PyPI, and Crates packages, and the benign look-alikes that make them hard to catch.