{"id":1052,"date":"2020-11-06T15:45:00","date_gmt":"2020-11-06T20:45:00","guid":{"rendered":"https:\/\/www.pwvconsultants.com\/blog\/?p=1052"},"modified":"2020-11-06T15:38:19","modified_gmt":"2020-11-06T20:38:19","slug":"open-sourced-code-attacks-continue","status":"publish","type":"post","link":"https:\/\/www.pwvconsultants.com\/blog\/open-sourced-code-attacks-continue\/","title":{"rendered":"Open-Sourced Code Attacks Continue"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">Npm removed yet another malicious package from its open-sourced code library this week. It marks the fourth major takedown in three months for npm.<\/h2>\n\n\n\n<p>Two days ago, npm removed a malicious JavaScript library from their website. The code contained a malicious string for opening backdoors on programmers\u2019 computers. This is the fourth major npm takedown in the last three months, and it\u2019s unlikely to slow down now. Open-sourced code attacks might be here for awhile.<\/p>\n\n\n\n<p>Previously, we discussed that all <a href=\"https:\/\/www.pwvconsultants.com\/blog\/all-open-sourced-code-should-be-reviewed\/\" target=\"_blank\" rel=\"noreferrer noopener\">open-sourced code should be reviewed<\/a> prior to use. This should have been an automatic process for programmers anyway, but as humans, we tend to be more trusting than not. Unfortunately, that paves the way for bad actors to get in and do damage. The latest package, named \u201ctwillio-npm,\u201d was discovered by Sonatype, a company which monitors public package repositories as part of its DevOps services.<\/p>\n\n\n\n<p><a href=\"https:\/\/blog.sonatype.com\/twilio-npm-is-brandjacking-malware-in-disguise\" target=\"_blank\" rel=\"noreferrer noopener\">The Sonatype report<\/a> says the library was published this past Friday on the npm website. It was discovered the same day and removed on Monday after the npm security team blacklisted the package. The library had a pretty short lifespan on the npm website, but still was downloaded more than 370 times. The package automatically included JavaScript projects that are built and managed via the npm command-line utility. It appears the reverse shell the package opens only worked on UNIX-based systems.&nbsp;<\/p>\n\n\n\n<p><a href=\"https:\/\/www.zdnet.com\/article\/malicious-npm-package-opens-backdoors-on-programmers-computers\/\" target=\"_blank\" rel=\"noreferrer noopener\">From ZDNet<\/a>, \u201cAny computer that has this package installed or running should be considered fully compromised,&#8221; the npm security team <a href=\"https:\/\/www.npmjs.com\/advisories\/1574\">said today<\/a>, confirming Sonatype&#8217;s investigation. &#8220;All secrets and keys stored on that computer should be rotated immediately from a different computer,&#8221; the npm team added.<\/p>\n\n\n\n<p>As stated above, this is the fourth major takedown of malicious packages on the npm library in the last three months. August saw a malicious npm removed. September saw four libraries removed. And, in the last two weeks, three more packages were removed. That\u2019s a total of nine malicious libraries removed from npm in a very short amount of time.<\/p>\n\n\n\n<p>Humans tend to trust other humans until given a reason not to. We\u2019ve been warned that this could happen for years, and it\u2019s actually surprising that it\u2019s taken this long for this problem to arise. Open-source code sharing has been around for a long time, programmers often figure out new ways to write code or to automate something that previously wasn\u2019t. They all work together to not only simplify the coding process, but to collaborate and come up with solutions together.&nbsp;<\/p>\n\n\n\n<p>Having a bad actor come inside their world should make programmers feel violated, although they shouldn\u2019t be surprised either. But they should be incredibly angry and frustrated. This is a place they should be able to go to find a solution to a problem they have. They might find that solution, but now they know they might also import malicious code with that solution.<\/p>\n\n\n\n<p>Open-sourced code should always be reviewed, whether it\u2019s an npm library, GitHub or something\/somewhere else. Before the last few months, most programmers would have laughed off the need to review open source package code. But now? Now it\u2019s a much needed step in the process.\u00a0<\/p>\n\n\n\n<p>This really goes to show that bad actors are everywhere. They will do whatever they can, whatever it takes to infiltrate a business and steal whatever information they can gain. This could be personal, private and sensitive information. It could be proprietary business information or intellectual property. It could be stealing compute, cryptomining or simply holding your business systems hostage until a ransom is paid. Whatever the method, one thing is for sure: Bad actors will do whatever it takes to get what they want, and anyone in the way better move or get run over.<\/p>\n\n\n\n<p>Don\u2019t be the next victim. Do an <a href=\"https:\/\/www.pwvconsultants.com\/blog\/businesses-need-to-review-security-amid-pandemic\/\" target=\"_blank\" rel=\"noreferrer noopener\">intense security review now<\/a>, before 2021 starts and a new budget is in place. Make a plan to fix anything that needs fixed. Review code for unwanted strings. Review IAM controls to ensure least privilege. Review all cloud services to ensure proper use, that all services are actually being used and that you know what normal is and have alerts set around that. Review or scan your open source packages. If you don\u2019t know how or want an outsider\u2019s opinion to ensure nothing is missed, always hire an expert! Under the thumb of a pandemic, cybersecurity in 2020 is a major factor in business success. Don\u2019t let your business fail because you missed an opportunity to fix a problem!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Open-sourced code continues to be attacked. This week, npm removed a malicious package from its library for  the 4th time in 3 months.<\/p>\n","protected":false},"author":1,"featured_media":1056,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"content-type":"","footnotes":""},"categories":[10,599],"tags":[28,1169,1569,602,686,31,1904,1903,1938,1905,1939],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v22.2 (Yoast SEO v22.2) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Open-Sourced Code Attacks Continue - PWV Consultants<\/title>\n<meta name=\"description\" content=\"Open-sourced code continues to be attacked. This week, npm removed a malicious package from its library for the 4th time in 3 months.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.pwvconsultants.com\/blog\/open-sourced-code-attacks-continue\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Open-Sourced Code Attacks Continue\" \/>\n<meta property=\"og:description\" content=\"Open-sourced code continues to be attacked. This week, npm removed a malicious package from its library for the 4th time in 3 months.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.pwvconsultants.com\/blog\/open-sourced-code-attacks-continue\/\" \/>\n<meta property=\"og:site_name\" content=\"PWV Consultants\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/PWV-Consultants-110444033947964\" \/>\n<meta property=\"article:published_time\" content=\"2020-11-06T20:45:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-11-06T20:38:19+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2020\/11\/code-1839406_1920.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1920\" \/>\n\t<meta property=\"og:image:height\" content=\"1281\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Pieter VanIperen\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@PWV_Consultants\" \/>\n<meta name=\"twitter:site\" content=\"@PWV_Consultants\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Pieter VanIperen\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/open-sourced-code-attacks-continue\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/open-sourced-code-attacks-continue\/\"},\"author\":{\"name\":\"Pieter VanIperen\",\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/#\/schema\/person\/c15d5d40126a8ad906cb3067de95f8d4\"},\"headline\":\"Open-Sourced Code Attacks Continue\",\"datePublished\":\"2020-11-06T20:45:00+00:00\",\"dateModified\":\"2020-11-06T20:38:19+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/open-sourced-code-attacks-continue\/\"},\"wordCount\":760,\"publisher\":{\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/open-sourced-code-attacks-continue\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2020\/11\/code-1839406_1920.jpg\",\"keywords\":[\"App Sec\",\"Application Security\",\"code\",\"Coding\",\"cyber sec\",\"Cybersecurity\",\"JavaScript\",\"npm\",\"Open Source Code\",\"open-source\",\"twilio-npm\"],\"articleSection\":[\"Application Security\",\"Coding\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/open-sourced-code-attacks-continue\/\",\"url\":\"https:\/\/www.pwvconsultants.com\/blog\/open-sourced-code-attacks-continue\/\",\"name\":\"Open-Sourced Code Attacks Continue - PWV Consultants\",\"isPartOf\":{\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/open-sourced-code-attacks-continue\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/open-sourced-code-attacks-continue\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2020\/11\/code-1839406_1920.jpg\",\"datePublished\":\"2020-11-06T20:45:00+00:00\",\"dateModified\":\"2020-11-06T20:38:19+00:00\",\"description\":\"Open-sourced code continues to be attacked. This week, npm removed a malicious package from its library for the 4th time in 3 months.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/open-sourced-code-attacks-continue\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.pwvconsultants.com\/blog\/open-sourced-code-attacks-continue\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/open-sourced-code-attacks-continue\/#primaryimage\",\"url\":\"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2020\/11\/code-1839406_1920.jpg\",\"contentUrl\":\"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2020\/11\/code-1839406_1920.jpg\",\"width\":1920,\"height\":1281,\"caption\":\"Image by Pexels from Pixabay\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/open-sourced-code-attacks-continue\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.pwvconsultants.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Open-Sourced Code Attacks Continue\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/#website\",\"url\":\"https:\/\/www.pwvconsultants.com\/blog\/\",\"name\":\"PWV Consultants\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.pwvconsultants.com\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/#organization\",\"name\":\"PWV Consultants\",\"url\":\"https:\/\/www.pwvconsultants.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2020\/04\/logo-alternate-e1585773530392.png\",\"contentUrl\":\"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2020\/04\/logo-alternate-e1585773530392.png\",\"width\":98,\"height\":84,\"caption\":\"PWV Consultants\"},\"image\":{\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/PWV-Consultants-110444033947964\",\"https:\/\/twitter.com\/PWV_Consultants\",\"https:\/\/www.linkedin.com\/company\/pwv-consultants\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/#\/schema\/person\/c15d5d40126a8ad906cb3067de95f8d4\",\"name\":\"Pieter VanIperen\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/8b294918257a810803e2befc9a71b7bc?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/8b294918257a810803e2befc9a71b7bc?s=96&d=mm&r=g\",\"caption\":\"Pieter VanIperen\"},\"description\":\"PWV Consultants is a boutique group of industry leaders and influencers from the digital tech, security and design industries that acts as trusted technical partners for many Fortune 500 companies, high-visibility startups, universities, defense agencies, and NGOs. Founded by 20-year software engineering veterans, who have founded or co-founder several companies. PWV experts act as a trusted advisors and mentors to numerous early stage startups, and have held the titles of software and software security executive, consultant and professor. PWV's expert consulting and advisory work spans several high impact industries in finance, media, medical tech, and defense contracting. PWV's founding experts also authored the highly influential precursor HAZL (jADE) programming language.\",\"sameAs\":[\"https:\/\/www.linkedin.com\/company\/pwv-consultants\"]}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Open-Sourced Code Attacks Continue - PWV Consultants","description":"Open-sourced code continues to be attacked. This week, npm removed a malicious package from its library for the 4th time in 3 months.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.pwvconsultants.com\/blog\/open-sourced-code-attacks-continue\/","og_locale":"en_US","og_type":"article","og_title":"Open-Sourced Code Attacks Continue","og_description":"Open-sourced code continues to be attacked. This week, npm removed a malicious package from its library for the 4th time in 3 months.","og_url":"https:\/\/www.pwvconsultants.com\/blog\/open-sourced-code-attacks-continue\/","og_site_name":"PWV Consultants","article_publisher":"https:\/\/www.facebook.com\/PWV-Consultants-110444033947964","article_published_time":"2020-11-06T20:45:00+00:00","article_modified_time":"2020-11-06T20:38:19+00:00","og_image":[{"width":1920,"height":1281,"url":"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2020\/11\/code-1839406_1920.jpg","type":"image\/jpeg"}],"author":"Pieter VanIperen","twitter_card":"summary_large_image","twitter_creator":"@PWV_Consultants","twitter_site":"@PWV_Consultants","twitter_misc":{"Written by":"Pieter VanIperen","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.pwvconsultants.com\/blog\/open-sourced-code-attacks-continue\/#article","isPartOf":{"@id":"https:\/\/www.pwvconsultants.com\/blog\/open-sourced-code-attacks-continue\/"},"author":{"name":"Pieter VanIperen","@id":"https:\/\/www.pwvconsultants.com\/blog\/#\/schema\/person\/c15d5d40126a8ad906cb3067de95f8d4"},"headline":"Open-Sourced Code Attacks Continue","datePublished":"2020-11-06T20:45:00+00:00","dateModified":"2020-11-06T20:38:19+00:00","mainEntityOfPage":{"@id":"https:\/\/www.pwvconsultants.com\/blog\/open-sourced-code-attacks-continue\/"},"wordCount":760,"publisher":{"@id":"https:\/\/www.pwvconsultants.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.pwvconsultants.com\/blog\/open-sourced-code-attacks-continue\/#primaryimage"},"thumbnailUrl":"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2020\/11\/code-1839406_1920.jpg","keywords":["App Sec","Application Security","code","Coding","cyber sec","Cybersecurity","JavaScript","npm","Open Source Code","open-source","twilio-npm"],"articleSection":["Application Security","Coding"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.pwvconsultants.com\/blog\/open-sourced-code-attacks-continue\/","url":"https:\/\/www.pwvconsultants.com\/blog\/open-sourced-code-attacks-continue\/","name":"Open-Sourced Code Attacks Continue - PWV Consultants","isPartOf":{"@id":"https:\/\/www.pwvconsultants.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.pwvconsultants.com\/blog\/open-sourced-code-attacks-continue\/#primaryimage"},"image":{"@id":"https:\/\/www.pwvconsultants.com\/blog\/open-sourced-code-attacks-continue\/#primaryimage"},"thumbnailUrl":"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2020\/11\/code-1839406_1920.jpg","datePublished":"2020-11-06T20:45:00+00:00","dateModified":"2020-11-06T20:38:19+00:00","description":"Open-sourced code continues to be attacked. This week, npm removed a malicious package from its library for the 4th time in 3 months.","breadcrumb":{"@id":"https:\/\/www.pwvconsultants.com\/blog\/open-sourced-code-attacks-continue\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.pwvconsultants.com\/blog\/open-sourced-code-attacks-continue\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.pwvconsultants.com\/blog\/open-sourced-code-attacks-continue\/#primaryimage","url":"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2020\/11\/code-1839406_1920.jpg","contentUrl":"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2020\/11\/code-1839406_1920.jpg","width":1920,"height":1281,"caption":"Image by Pexels from Pixabay"},{"@type":"BreadcrumbList","@id":"https:\/\/www.pwvconsultants.com\/blog\/open-sourced-code-attacks-continue\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.pwvconsultants.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Open-Sourced Code Attacks Continue"}]},{"@type":"WebSite","@id":"https:\/\/www.pwvconsultants.com\/blog\/#website","url":"https:\/\/www.pwvconsultants.com\/blog\/","name":"PWV Consultants","description":"","publisher":{"@id":"https:\/\/www.pwvconsultants.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.pwvconsultants.com\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.pwvconsultants.com\/blog\/#organization","name":"PWV Consultants","url":"https:\/\/www.pwvconsultants.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.pwvconsultants.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2020\/04\/logo-alternate-e1585773530392.png","contentUrl":"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2020\/04\/logo-alternate-e1585773530392.png","width":98,"height":84,"caption":"PWV Consultants"},"image":{"@id":"https:\/\/www.pwvconsultants.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/PWV-Consultants-110444033947964","https:\/\/twitter.com\/PWV_Consultants","https:\/\/www.linkedin.com\/company\/pwv-consultants"]},{"@type":"Person","@id":"https:\/\/www.pwvconsultants.com\/blog\/#\/schema\/person\/c15d5d40126a8ad906cb3067de95f8d4","name":"Pieter VanIperen","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.pwvconsultants.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/8b294918257a810803e2befc9a71b7bc?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/8b294918257a810803e2befc9a71b7bc?s=96&d=mm&r=g","caption":"Pieter VanIperen"},"description":"PWV Consultants is a boutique group of industry leaders and influencers from the digital tech, security and design industries that acts as trusted technical partners for many Fortune 500 companies, high-visibility startups, universities, defense agencies, and NGOs. Founded by 20-year software engineering veterans, who have founded or co-founder several companies. PWV experts act as a trusted advisors and mentors to numerous early stage startups, and have held the titles of software and software security executive, consultant and professor. PWV's expert consulting and advisory work spans several high impact industries in finance, media, medical tech, and defense contracting. PWV's founding experts also authored the highly influential precursor HAZL (jADE) programming language.","sameAs":["https:\/\/www.linkedin.com\/company\/pwv-consultants"]}]}},"_links":{"self":[{"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/posts\/1052"}],"collection":[{"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/comments?post=1052"}],"version-history":[{"count":3,"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/posts\/1052\/revisions"}],"predecessor-version":[{"id":1058,"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/posts\/1052\/revisions\/1058"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/media\/1056"}],"wp:attachment":[{"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/media?parent=1052"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/categories?post=1052"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/tags?post=1052"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}