Exploiting Developer Infrastructure Is Ridiculously Easy

Photo: Charles Deluvio/Unsplash

In late October, an issue was opened on an extremely popular node.js tool, nodemon, describing a deprecation warning that was being logged to the console.

Warnings like these aren’t uncommon. This one seemed harmless. It wasn’t even related to the nodemon project, but rather to one of…

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Jarrod Overson

Jarrod Overson

I write about JavaScript, Reverse Engineering, Security, and Credential Stuffing. Also a speaker, O'Reilly Author, creator of Plato, Director at Shape Security.