GitHub fixes authorisation vulnerability in the NPM JavaScript package registry

Flaw allowed 'an attacker to publish new versions of any npm package'

GitHub said it has fixed a longstanding issue with the NPM (Node Package Manager) JavaScript registry that would allow an attacker to update any package without proper authorisation.…

Comments are closed.