Install scripts in npm

The most common method of malware delivery on npm is the package install script (the preinstall, install, postinstall and prepare lifecycle hooks), which runs arbitrary commands on the host during `npm install`. According to a 2022 paper, 94% of malicious packages contained at least one install script. Read more about this attack vector in this blog post. Because these hooks also run for transitive dependencies, a package far down the dependency tree can deliver malicious code such as:

  • an attacker trying to read sensitive directories such as .ssh or .aws

  • an attacker trying to exfiltrate sensitive credentials or secrets

© 2023 Garnet Labs