DLL Injection Attack in Kerberos NPM package
For those who are not familiar with NPM (Node Package Manager), it is a gigantic software registry that contains hundreds of thousands of open source Node.js projects in the form of packages. As a matter of fact, if a developer wanted to share their code with the world, NPM would be a good way to do it.
The Aftermath of the Equifax Breach
In Sept of 2017, news broke that Equifax, one of the world’s three largest consumer credit reporting bureaus, had suffered a massive data breach. This follows the infamous US OPM (Office of Personnel Management) hack of 2015.