{"id":32277,"date":"2019-12-13T02:05:06","date_gmt":"2019-12-13T02:05:06","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/npm-swats-path-traversal-bug-that-lets-evil-packages-modify-steal-files-thats-bad-for-javascript-crypto-wallets\/"},"modified":"2019-12-13T02:05:06","modified_gmt":"2019-12-13T02:05:06","slug":"npm-swats-path-traversal-bug-that-lets-evil-packages-modify-steal-files-thats-bad-for-javascript-crypto-wallets","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/npm-swats-path-traversal-bug-that-lets-evil-packages-modify-steal-files-thats-bad-for-javascript-crypto-wallets\/","title":{"rendered":"NPM swats path traversal bug that lets evil packages modify, steal files. That’s bad for JavaScript crypto-wallets"},"content":{"rendered":"

On Wednesday, NPM, Inc, the California-based biz that has taken it upon itself to organize the world’s JavaScript packages into the npm registry, warned that its command line tool, the npm CLI<\/a>, has a rather serious security vulnerability. Version 6.13.4 has been rushed out with a fix.<\/p>\n

The flaw \u2013 also present in less-than-current versions of yarn<\/a>, a Facebook-spawned open-source alternative client for fetching modules from the registry \u2013 could allow a hackers to alter the files on systems of users who have installed a malicious package.<\/p>\n

That’s a risk<\/a> that exists independent of this particular vulnerability, given that developers who install npm packages (or third-party libraries in other package management systems) are running code of uncertain origin. But in this instance, the problem resides in the npm client itself.<\/p>\n

“In versions of npm prior to 6.13.3 (and versions of yarn prior to 1.21.1), a properly constructed entry in the package.json<\/code> ‘bin’ field would allow a package publisher to modify and\/or gain access to arbitrary files<\/a> on a user\u2019s system when the package is installed,” NPM’s security team said in a blog post<\/a>.<\/p>\n

A separate vulnerability allows the creation of arbitrary symlinks<\/a> to any file.<\/p>\n

Version of npm prior to 6.13.4, and all versions of yarn currently, allow the arbitrary overwriting of an existing binary with another file, but only in the \/usr\/local\/bin<\/code> directory<\/a>.<\/p>\n

What should happen is that packages should only be allowed access to the node_modules<\/code> folder in a given app file.<\/p>\n

Developer Daniel Ruf identified the security vulnerability and on Thursday published a blog post<\/a> about his findings.<\/p>\n

“The problem is that we can define any (valid) paths for the binary name and the file which is then symlinked,” explained Ruf.<\/p>\n

And doing so is not particularly difficult. It requires an entry for the “bin” key in package.json<\/code>, a file that npm uses to convey the metadata about the project and its dependencies. It would look something like this:<\/p>\n

 \"bin\": { \"..\/some\/path\": \"..\/some\/other\/path\" }\n<\/pre>\n
\"Person<\/p>\n
NPM today stands for Now Pay Me: JavaScript packaging biz debuts conduit for funding open-source coders<\/h2>\n
READ MORE<\/span><\/a><\/div>\n
“This is basically everything that is needed to execute these attacks,” said Ruf. “What you can do with this depends on the package manager and the result can be pretty bad.”<\/p>\n
To demonstrate this, he created proof-of-concept exploits that write or overwrite arbitrary files and allow unauthorized file access. As in the “bin” example above, they consist of a JSON key-value pair. A possible consequence of this security failure could be the theft of crypto wallets<\/a>.<\/p>\n
NPM said it has scanned the registry looking for modules that use this attack but hasn’t found any. “That does not guarantee that it hasn\u2019t been used, but it does mean that it isn\u2019t currently being used in published packages on the registry,” NPM’s security team said.<\/p>\n
So that’s all right then. \u00ae<\/p>\n
Sponsored:<\/span> What next after Netezza?<\/a><\/p>\n
READ MORE HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"
Trio of vulnerabilities made registry full of uncertain code even more of a risk On Wednesday, NPM, Inc, the California-based biz that has taken it upon itself to organize the world’s JavaScript packages into the npm registry, warned that its command line tool, the npm CLI, has a rather serious security vulnerability. Version 6.13.4 has been rushed out with a fix.\u2026 READ MORE HERE…<\/p>\n","protected":false},"author":2,"featured_media":32278,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-32277","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-register"],"yoast_head":"\nNPM swats path traversal bug that lets evil packages modify, steal files. That's bad for JavaScript crypto-wallets 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/npm-swats-path-traversal-bug-that-lets-evil-packages-modify-steal-files-thats-bad-for-javascript-crypto-wallets\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"NPM swats path traversal bug that lets evil packages modify, steal files. That's bad for JavaScript crypto-wallets 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/npm-swats-path-traversal-bug-that-lets-evil-packages-modify-steal-files-thats-bad-for-javascript-crypto-wallets\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2019-12-13T02:05:06+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/12\/npm-swats-path-traversal-bug-that-lets-evil-packages-modify-steal-files-thats-bad-for-javascript-crypto-wallets.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"174\" \/>\n\t<meta property=\"og:image:height\" content=\"115\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/npm-swats-path-traversal-bug-that-lets-evil-packages-modify-steal-files-thats-bad-for-javascript-crypto-wallets\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/npm-swats-path-traversal-bug-that-lets-evil-packages-modify-steal-files-thats-bad-for-javascript-crypto-wallets\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"NPM swats path traversal bug that lets evil packages modify, steal files. That’s bad for JavaScript crypto-wallets\",\"datePublished\":\"2019-12-13T02:05:06+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/npm-swats-path-traversal-bug-that-lets-evil-packages-modify-steal-files-thats-bad-for-javascript-crypto-wallets\\\/\"},\"wordCount\":494,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/npm-swats-path-traversal-bug-that-lets-evil-packages-modify-steal-files-thats-bad-for-javascript-crypto-wallets\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/12\\\/npm-swats-path-traversal-bug-that-lets-evil-packages-modify-steal-files-thats-bad-for-javascript-crypto-wallets.jpg\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/npm-swats-path-traversal-bug-that-lets-evil-packages-modify-steal-files-thats-bad-for-javascript-crypto-wallets\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/npm-swats-path-traversal-bug-that-lets-evil-packages-modify-steal-files-thats-bad-for-javascript-crypto-wallets\\\/\",\"name\":\"NPM swats path traversal bug that lets evil packages modify, steal files. That's bad for JavaScript crypto-wallets 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/npm-swats-path-traversal-bug-that-lets-evil-packages-modify-steal-files-thats-bad-for-javascript-crypto-wallets\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/npm-swats-path-traversal-bug-that-lets-evil-packages-modify-steal-files-thats-bad-for-javascript-crypto-wallets\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/12\\\/npm-swats-path-traversal-bug-that-lets-evil-packages-modify-steal-files-thats-bad-for-javascript-crypto-wallets.jpg\",\"datePublished\":\"2019-12-13T02:05:06+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/npm-swats-path-traversal-bug-that-lets-evil-packages-modify-steal-files-thats-bad-for-javascript-crypto-wallets\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/npm-swats-path-traversal-bug-that-lets-evil-packages-modify-steal-files-thats-bad-for-javascript-crypto-wallets\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/npm-swats-path-traversal-bug-that-lets-evil-packages-modify-steal-files-thats-bad-for-javascript-crypto-wallets\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/12\\\/npm-swats-path-traversal-bug-that-lets-evil-packages-modify-steal-files-thats-bad-for-javascript-crypto-wallets.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/12\\\/npm-swats-path-traversal-bug-that-lets-evil-packages-modify-steal-files-thats-bad-for-javascript-crypto-wallets.jpg\",\"width\":174,\"height\":115},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/npm-swats-path-traversal-bug-that-lets-evil-packages-modify-steal-files-thats-bad-for-javascript-crypto-wallets\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"NPM swats path traversal bug that lets evil packages modify, steal files. That’s bad for JavaScript crypto-wallets\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"NPM swats path traversal bug that lets evil packages modify, steal files. That's bad for JavaScript crypto-wallets 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/npm-swats-path-traversal-bug-that-lets-evil-packages-modify-steal-files-thats-bad-for-javascript-crypto-wallets\/","og_locale":"en_US","og_type":"article","og_title":"NPM swats path traversal bug that lets evil packages modify, steal files. That's bad for JavaScript crypto-wallets 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/npm-swats-path-traversal-bug-that-lets-evil-packages-modify-steal-files-thats-bad-for-javascript-crypto-wallets\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2019-12-13T02:05:06+00:00","og_image":[{"width":174,"height":115,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/12\/npm-swats-path-traversal-bug-that-lets-evil-packages-modify-steal-files-thats-bad-for-javascript-crypto-wallets.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/npm-swats-path-traversal-bug-that-lets-evil-packages-modify-steal-files-thats-bad-for-javascript-crypto-wallets\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/npm-swats-path-traversal-bug-that-lets-evil-packages-modify-steal-files-thats-bad-for-javascript-crypto-wallets\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"NPM swats path traversal bug that lets evil packages modify, steal files. That’s bad for JavaScript crypto-wallets","datePublished":"2019-12-13T02:05:06+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/npm-swats-path-traversal-bug-that-lets-evil-packages-modify-steal-files-thats-bad-for-javascript-crypto-wallets\/"},"wordCount":494,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/npm-swats-path-traversal-bug-that-lets-evil-packages-modify-steal-files-thats-bad-for-javascript-crypto-wallets\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/12\/npm-swats-path-traversal-bug-that-lets-evil-packages-modify-steal-files-thats-bad-for-javascript-crypto-wallets.jpg","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/npm-swats-path-traversal-bug-that-lets-evil-packages-modify-steal-files-thats-bad-for-javascript-crypto-wallets\/","url":"https:\/\/www.threatshub.org\/blog\/npm-swats-path-traversal-bug-that-lets-evil-packages-modify-steal-files-thats-bad-for-javascript-crypto-wallets\/","name":"NPM swats path traversal bug that lets evil packages modify, steal files. That's bad for JavaScript crypto-wallets 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/npm-swats-path-traversal-bug-that-lets-evil-packages-modify-steal-files-thats-bad-for-javascript-crypto-wallets\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/npm-swats-path-traversal-bug-that-lets-evil-packages-modify-steal-files-thats-bad-for-javascript-crypto-wallets\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/12\/npm-swats-path-traversal-bug-that-lets-evil-packages-modify-steal-files-thats-bad-for-javascript-crypto-wallets.jpg","datePublished":"2019-12-13T02:05:06+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/npm-swats-path-traversal-bug-that-lets-evil-packages-modify-steal-files-thats-bad-for-javascript-crypto-wallets\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/npm-swats-path-traversal-bug-that-lets-evil-packages-modify-steal-files-thats-bad-for-javascript-crypto-wallets\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/npm-swats-path-traversal-bug-that-lets-evil-packages-modify-steal-files-thats-bad-for-javascript-crypto-wallets\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/12\/npm-swats-path-traversal-bug-that-lets-evil-packages-modify-steal-files-thats-bad-for-javascript-crypto-wallets.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2019\/12\/npm-swats-path-traversal-bug-that-lets-evil-packages-modify-steal-files-thats-bad-for-javascript-crypto-wallets.jpg","width":174,"height":115},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/npm-swats-path-traversal-bug-that-lets-evil-packages-modify-steal-files-thats-bad-for-javascript-crypto-wallets\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"NPM swats path traversal bug that lets evil packages modify, steal files. That’s bad for JavaScript crypto-wallets"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/32277","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=32277"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/32277\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/32278"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=32277"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=32277"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=32277"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}