UAdam Baldwin, okhokela iqela elinoxanduva lokukhusela indawo yokugcina ye-NPM, Iinkcukacha-manani ezilungiselelwe ngokusekelwe kwiziphumo zonyaka ophelileyo:
- Ngaphandle kokuba ngokuthathwa kweendawo zokugcina ze-NPM, yi-9.27% kuphela yabagcini bephakheji abasebenzisa ukuqinisekiswa kwezinto ezimbini ukukhusela ukufikelela;
- Xa ubhalisa, i-13.37% yee-akhawunti ezintsha zizame ukuphinda zisebenzise ii-passwords eziye zavela kwii-password ezivuzayo ezaziwayo, ngokwenkonzo. ;
- Kunyaka ophelileyo, iithokheni ze-737 NPM zachithwa ngenxa yokuba ziphosakele kubhaliso lwepakethe ye-NPM okanye iindawo zokugcina ezifikelelekayo esidlangalaleni kwi-GitHub;
- ukubiwa kwe-13 yezigidi zeedola kwi-cryptocurrency ngenxa yokufunyanwa komzamo wokudibanisa i-backdoor kwi-wallet ye-Komodo Agama;
- Inani lilonke leengxelo zemiba yokhuseleko kwisiseko sedatha se-NPM lifikelele kwi-1285, apho iingxelo ezingama-595 zafakwa ngo-2019. Izaziso zobuthathaka ezingama-2.2 zifunyenwe nge-security@npmjs.com;
- Ngokuhamba konyaka, inkqubo ye-antispam ivalwe ukuthengiselana kwe-11526, kubandakanywa nezo zihambelana nemizamo yokukhuthaza ukukhangisa kwimizila kunye namafilimu;
- Inkqubo yohlalutyo ivelise iingxelo ze-1.4 yezigidi eziceliwe nge-API, egubungela i-15.6 TB yedatha kunye nolwazi lohlalutyo lokuziphatha.
umthombo: opennet.ru
