THREAT OPS › Threat News › How 56 npm packages used binding.gyp to steal secrets
How 56 npm packages used binding.gyp to steal secrets
The attack is notable for its breadth, flooding npm with malicious package versions.
MITRE ATT&CK techniques
- Malicious PackageAML.T0011.001
Original source: https://www.reversinglabs.com/blog/npm-bindinggyp-cicd-secrets