All Talks

Analysis of an exploited npm package

Talk recording from Amsterdam JSNation Conference 2019 https://jsnation.com

Analysis of an exploited npm package

The ownership of the npm package event-stream changed hands late 2018 and found its way into the hands of an attacker targeting a specific mobile application. How did an attacker go from an npm package to a mobile application? How was this exploit found? What purpose did each of the three payloads have?

This session will dive into the three payloads of the attack, how they worked, how …

You might be interested in: