Events > Event Details


Dangling Packages leading to RCE

The talk will be on dependency confusion attacks, where the researcher will show how developers left the node packages/python packages in the project’s json files which are not standard library packages, and how they can be easily claimed by the Attackers to publish them from their side and when victim installs those malicious packages using standard installation instruction then it will lead to remote code execution on their system.

Key Information