As part of our ongoing security strategy, we have reviewed the recently published attack on the npm ecosystem (including “S1ngularity/nx attackers strike again”).
Result of our analysis:
Our Smallworld product portfolio does not use Node.js components and does not rely on npm packages.
Therefore, our products are not affected by this attack.
Current status for our customers:
- No measures are required for users of our Smallworld products.
- Planned software deliveries, updates, and patches are not impacted.
- We continuously monitor the situation and will inform our customers immediately if the threat landscape changes.
With this approach, we ensure that our solutions meet the highest security requirements and that our customers always have clarity about potential threats.