Users of the popular Vue.js frontend JavaScript framework experienced a supply chain attack on the npm ecosystem recently. The nested dependencies Node-IPC and peacenotwar were sabotaged as a protest by the maintainer of the Node-IPC package. Regardless of the peace-not-war slogan, node-ipc is now being identified as a malicious package, including malicious code that … Continue reading “Node-IPC NPM Package Embedded Malicious Code Vulnerability (CVE-2022-23812)”