coin-img-ETHETH+1.66%coin-img-BTCBTC+1.77%coin-img-SOLSOL+3.10%coin-img-BITKBITK+0.00%coin-img-SOULCORESOULCORE+1,500.00%coin-img-XRPXRP+2.36%coin-img-HYPEHYPE+17.87%coin-img-USDCUSDC+0.01%coin-img-ETHETH+1.66%coin-img-BTCBTC+1.77%coin-img-SOLSOL+3.10%coin-img-BITKBITK+0.00%coin-img-SOULCORESOULCORE+1,500.00%coin-img-XRPXRP+2.36%coin-img-HYPEHYPE+17.87%coin-img-USDCUSDC+0.01%coin-img-ETHETH+1.66%coin-img-BTCBTC+1.77%coin-img-SOLSOL+3.10%coin-img-BITKBITK+0.00%coin-img-SOULCORESOULCORE+1,500.00%coin-img-XRPXRP+2.36%coin-img-HYPEHYPE+17.87%coin-img-USDCUSDC+0.01%coin-img-ETHETH+1.66%coin-img-BTCBTC+1.77%coin-img-SOLSOL+3.10%coin-img-BITKBITK+0.00%coin-img-SOULCORESOULCORE+1,500.00%coin-img-XRPXRP+2.36%coin-img-HYPEHYPE+17.87%coin-img-USDCUSDC+0.01%
user-avatar
Gamza Khanzadaev

npm 撤銷具寫入權限存取權杖應對「Mini Shai-Hulud」供應鏈攻擊,資安專家批評措施不足

npm registry 方面撤銷了與「Mini Shai-Hulud」蠕蟲事件相關、具寫入權限的細分存取權杖,並使被入侵的開發者帳戶失效,以阻止攻擊者繞過雙重驗證。平台同時要求用戶即時輪換機密資訊,並轉用 Trusted Publishing 機制。惟資安研究人員指出,威脅仍可能在本機持續存在,並針對加密貨幣錢包助記詞等敏感資料。
BTC
BTC+1.78%
ETH
ETH+1.72%
免責聲明:以上內容均來源自第三方觀點,不代表 BingX 的立場,亦不構成任何財務建議。詳情請參閱《使用條款》
WalletScams