Gathering weak npm credentials

less than 1 minute read

We all know the importance of strong passwords, don’t we?

In case you don’t, here’s an example of how a security researcher was able to obtain direct publish access to 14% of npm packages through some fairly basic techniques that take advantage of poor password practices.

(via ChALkeR)

Updated:

Leave a Comment