The security research team at JFrog, a provider of a platform for building and deploying software, have discovered a critical vulnerability in a node package manager (NPM) found in tools used by application developers that enable unauthenticated attackers to remotely trigger arbitrary operating system commands by sending a post request to a Metro server used..
The post JFrog Uncovers Severe React Vulnerability Threat to Software Supply Chains appeared first on Security Boulevard.