Microsoft

Malicious npm packages abuse dependency confusion to profile developer environments

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...
BBC

Risk Assessment

A structured way of thinking about how an activity or situation might cause harm to people or property, helping you to identify measures to prevent or minimize the chances of this happening. A way to ...