0.0.1-security • Published 3 years ago
bunny-v3 v0.0.1-security
Proof of concept of "Dependency Confusion Attack" due to unclaimed NPM package.
A dependency confusion attack or supply chain substitution attack occurs when a software installer script is tricked into pulling a malicious code file from a public repository instead of the intended file of the same name from an internal repository.
Reference: