{"id":1580,"date":"2021-03-05T14:33:26","date_gmt":"2021-03-05T19:33:26","guid":{"rendered":"https:\/\/www.pwvconsultants.com\/blog\/?p=1580"},"modified":"2021-03-05T14:33:28","modified_gmt":"2021-03-05T19:33:28","slug":"npm-dependency-confusion-attack-targets-amazon-slack","status":"publish","type":"post","link":"https:\/\/www.pwvconsultants.com\/blog\/npm-dependency-confusion-attack-targets-amazon-slack\/","title":{"rendered":"NPM Dependency Confusion Attack Targets Amazon, Slack"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\" id=\"h-dependency-confusion-attacks-are-no-longer-just-proof-of-concept-amazon-slack-and-others-are-being-targeted-by-threat-actors-in-a-new-attack\">Dependency confusion attacks are no longer just proof-of-concept. Amazon, Slack and others are being targeted by threat actors in a new attack.<\/h2>\n\n\n\n<p>Previously, we reported on a novel <a href=\"https:\/\/www.pwvconsultants.com\/blog\/novel-attack-via-open-source-repositories\/\" target=\"_blank\" rel=\"noreferrer noopener\">proof-of-concept attack<\/a> conducted by an ethical hacker. Alex Birsan received bug bounties for his ability to breach more than 35 companies in his PoC attack, labeled \u201cdependency confusion,\u201d and that research is now being used by threat actors. Large corporations like Amazon, Slack, Zillow and Lyft have been targeted to steal Linux\/Unix password files and open reverse shells back to the attackers.<\/p>\n\n\n\n<p>The flaw being exploited is called \u201cdependency confusion\u201d for a reason. What attackers do is create a package that utilizes the same name as a company\u2019s internal repository. When that new package is created on a public repository, dependency managers end up using the public packages instead of the company\u2019s internal packages. With this confusion, threat actors can inject malicious code into an internal application. <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/malicious-npm-packages-target-amazon-slack-with-new-dependency-attacks\/\" target=\"_blank\" rel=\"noreferrer noopener\">Bleeping Computer <\/a>has a nice breakdown of how the threat actors are adapting the code used by Birsan, but they are largely starting with his research as the base.<\/p>\n\n\n\n<p>Considering that these repositories are public and anyone can access them, it will be easy for other threat actors to continue this type of an attack. It\u2019s likely that we will continue to see it until businesses catch up and implement the fixes laid out by their open-source provider, which involves developers securing configuration files.<\/p>\n\n\n\n<p>When we discussed this research after Birsan shared it publicly, we also urged businesses to implement the fix that was laid out. This is why. Threat actors know that businesses put off security, they know that security is an afterthought and that it is viewed as less than important. All of those thought processes are WRONG. This particular attack is incredibly scary for businesses. They have no control over whose credentials are taken, which means they have no way to know what systems could potentially be exposed. Addressing that issue is going to be way more expensive and vastly more time consuming than simply securing configuration around specific components.<\/p>\n\n\n\n<p>Remember, if you haven\u2019t conducted a security review in the last six months, it needs to be done. Likewise, any additional known vulnerabilities that haven\u2019t yet been patched should be patched as soon as possible. Dependency confusion is a real problem with potentially harmful results. And if a threat actor breaches your business with this attack and you haven\u2019t fixed the issue, guess who gets to pay for all of that damage? Yep, you do. Or, rather, your business does. Fines from compliance bodies, reparations to customers, loss of customers due to loss of trust, legal fees and anything else associated with the breach falls squarely on the shoulders of your business.<\/p>\n\n\n\n<p>As a business owner or business leader, it is your job to ensure the security of not just your business, but your customer and employee information as well. This really isn\u2019t something that can wait, regardless of the reason. If you can\u2019t get to it, you don\u2019t have the know-how or ability, or there\u2019s some other reason you haven\u2019t gotten it done yet, we implore you to consult an expert. Bring someone in who can help, who can handle it for you and ensure it\u2019s done properly. As a business leader or business owner, you have more than just security to worry about, that\u2019s understandable. But you simply cannot ignore it any longer.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Proof-of-concept no more, dependency confusion is now in the wild. Businesses must address this problem immediately.<\/p>\n","protected":false},"author":1,"featured_media":1597,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"content-type":"","footnotes":""},"categories":[1969,5,14],"tags":[1569,2167,1910,31,2172,2086,1938,1905,2132],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v22.2 (Yoast SEO v22.2) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>NPM Dependency Confusion Attack Targets Amazon, Slack - PWV Consultants<\/title>\n<meta name=\"description\" content=\"Proof-of-concept no more, dependency confusion is now in the wild. Businesses must address this known vulnerability as soon as possible.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.pwvconsultants.com\/blog\/npm-dependency-confusion-attack-targets-amazon-slack\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"NPM Dependency Confusion Attack Targets Amazon, Slack\" \/>\n<meta property=\"og:description\" content=\"Proof-of-concept no more, dependency confusion is now in the wild. Businesses must address this problem immediately.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.pwvconsultants.com\/blog\/npm-dependency-confusion-attack-targets-amazon-slack\/\" \/>\n<meta property=\"og:site_name\" content=\"PWV Consultants\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/PWV-Consultants-110444033947964\" \/>\n<meta property=\"article:published_time\" content=\"2021-03-05T19:33:26+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-03-05T19:33:28+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2021\/03\/dependency-confusion-scaled.jpeg\" \/>\n\t<meta property=\"og:image:width\" content=\"2560\" \/>\n\t<meta property=\"og:image:height\" content=\"946\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Pieter VanIperen\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@PWV_Consultants\" \/>\n<meta name=\"twitter:site\" content=\"@PWV_Consultants\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Pieter VanIperen\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/npm-dependency-confusion-attack-targets-amazon-slack\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/npm-dependency-confusion-attack-targets-amazon-slack\/\"},\"author\":{\"name\":\"Pieter VanIperen\",\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/#\/schema\/person\/c15d5d40126a8ad906cb3067de95f8d4\"},\"headline\":\"NPM Dependency Confusion Attack Targets Amazon, Slack\",\"datePublished\":\"2021-03-05T19:33:26+00:00\",\"dateModified\":\"2021-03-05T19:33:28+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/npm-dependency-confusion-attack-targets-amazon-slack\/\"},\"wordCount\":593,\"publisher\":{\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/npm-dependency-confusion-attack-targets-amazon-slack\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2021\/03\/dependency-confusion-scaled.jpeg\",\"keywords\":[\"code\",\"cyber-attack\",\"CyberSec\",\"Cybersecurity\",\"Dependency Confusion\",\"known vulnerability\",\"Open Source Code\",\"open-source\",\"Repositories\"],\"articleSection\":[\"Business\",\"Cyber Security\",\"Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/npm-dependency-confusion-attack-targets-amazon-slack\/\",\"url\":\"https:\/\/www.pwvconsultants.com\/blog\/npm-dependency-confusion-attack-targets-amazon-slack\/\",\"name\":\"NPM Dependency Confusion Attack Targets Amazon, Slack - PWV Consultants\",\"isPartOf\":{\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/npm-dependency-confusion-attack-targets-amazon-slack\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/npm-dependency-confusion-attack-targets-amazon-slack\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2021\/03\/dependency-confusion-scaled.jpeg\",\"datePublished\":\"2021-03-05T19:33:26+00:00\",\"dateModified\":\"2021-03-05T19:33:28+00:00\",\"description\":\"Proof-of-concept no more, dependency confusion is now in the wild. Businesses must address this known vulnerability as soon as possible.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/npm-dependency-confusion-attack-targets-amazon-slack\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.pwvconsultants.com\/blog\/npm-dependency-confusion-attack-targets-amazon-slack\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/npm-dependency-confusion-attack-targets-amazon-slack\/#primaryimage\",\"url\":\"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2021\/03\/dependency-confusion-scaled.jpeg\",\"contentUrl\":\"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2021\/03\/dependency-confusion-scaled.jpeg\",\"width\":2560,\"height\":946},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/npm-dependency-confusion-attack-targets-amazon-slack\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.pwvconsultants.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"NPM Dependency Confusion Attack Targets Amazon, Slack\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/#website\",\"url\":\"https:\/\/www.pwvconsultants.com\/blog\/\",\"name\":\"PWV Consultants\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.pwvconsultants.com\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/#organization\",\"name\":\"PWV Consultants\",\"url\":\"https:\/\/www.pwvconsultants.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2020\/04\/logo-alternate-e1585773530392.png\",\"contentUrl\":\"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2020\/04\/logo-alternate-e1585773530392.png\",\"width\":98,\"height\":84,\"caption\":\"PWV Consultants\"},\"image\":{\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/PWV-Consultants-110444033947964\",\"https:\/\/twitter.com\/PWV_Consultants\",\"https:\/\/www.linkedin.com\/company\/pwv-consultants\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/#\/schema\/person\/c15d5d40126a8ad906cb3067de95f8d4\",\"name\":\"Pieter VanIperen\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/8b294918257a810803e2befc9a71b7bc?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/8b294918257a810803e2befc9a71b7bc?s=96&d=mm&r=g\",\"caption\":\"Pieter VanIperen\"},\"description\":\"PWV Consultants is a boutique group of industry leaders and influencers from the digital tech, security and design industries that acts as trusted technical partners for many Fortune 500 companies, high-visibility startups, universities, defense agencies, and NGOs. Founded by 20-year software engineering veterans, who have founded or co-founder several companies. PWV experts act as a trusted advisors and mentors to numerous early stage startups, and have held the titles of software and software security executive, consultant and professor. PWV's expert consulting and advisory work spans several high impact industries in finance, media, medical tech, and defense contracting. PWV's founding experts also authored the highly influential precursor HAZL (jADE) programming language.\",\"sameAs\":[\"https:\/\/www.linkedin.com\/company\/pwv-consultants\"]}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"NPM Dependency Confusion Attack Targets Amazon, Slack - PWV Consultants","description":"Proof-of-concept no more, dependency confusion is now in the wild. Businesses must address this known vulnerability as soon as possible.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.pwvconsultants.com\/blog\/npm-dependency-confusion-attack-targets-amazon-slack\/","og_locale":"en_US","og_type":"article","og_title":"NPM Dependency Confusion Attack Targets Amazon, Slack","og_description":"Proof-of-concept no more, dependency confusion is now in the wild. Businesses must address this problem immediately.","og_url":"https:\/\/www.pwvconsultants.com\/blog\/npm-dependency-confusion-attack-targets-amazon-slack\/","og_site_name":"PWV Consultants","article_publisher":"https:\/\/www.facebook.com\/PWV-Consultants-110444033947964","article_published_time":"2021-03-05T19:33:26+00:00","article_modified_time":"2021-03-05T19:33:28+00:00","og_image":[{"width":2560,"height":946,"url":"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2021\/03\/dependency-confusion-scaled.jpeg","type":"image\/jpeg"}],"author":"Pieter VanIperen","twitter_card":"summary_large_image","twitter_creator":"@PWV_Consultants","twitter_site":"@PWV_Consultants","twitter_misc":{"Written by":"Pieter VanIperen","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.pwvconsultants.com\/blog\/npm-dependency-confusion-attack-targets-amazon-slack\/#article","isPartOf":{"@id":"https:\/\/www.pwvconsultants.com\/blog\/npm-dependency-confusion-attack-targets-amazon-slack\/"},"author":{"name":"Pieter VanIperen","@id":"https:\/\/www.pwvconsultants.com\/blog\/#\/schema\/person\/c15d5d40126a8ad906cb3067de95f8d4"},"headline":"NPM Dependency Confusion Attack Targets Amazon, Slack","datePublished":"2021-03-05T19:33:26+00:00","dateModified":"2021-03-05T19:33:28+00:00","mainEntityOfPage":{"@id":"https:\/\/www.pwvconsultants.com\/blog\/npm-dependency-confusion-attack-targets-amazon-slack\/"},"wordCount":593,"publisher":{"@id":"https:\/\/www.pwvconsultants.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.pwvconsultants.com\/blog\/npm-dependency-confusion-attack-targets-amazon-slack\/#primaryimage"},"thumbnailUrl":"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2021\/03\/dependency-confusion-scaled.jpeg","keywords":["code","cyber-attack","CyberSec","Cybersecurity","Dependency Confusion","known vulnerability","Open Source Code","open-source","Repositories"],"articleSection":["Business","Cyber Security","Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.pwvconsultants.com\/blog\/npm-dependency-confusion-attack-targets-amazon-slack\/","url":"https:\/\/www.pwvconsultants.com\/blog\/npm-dependency-confusion-attack-targets-amazon-slack\/","name":"NPM Dependency Confusion Attack Targets Amazon, Slack - PWV Consultants","isPartOf":{"@id":"https:\/\/www.pwvconsultants.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.pwvconsultants.com\/blog\/npm-dependency-confusion-attack-targets-amazon-slack\/#primaryimage"},"image":{"@id":"https:\/\/www.pwvconsultants.com\/blog\/npm-dependency-confusion-attack-targets-amazon-slack\/#primaryimage"},"thumbnailUrl":"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2021\/03\/dependency-confusion-scaled.jpeg","datePublished":"2021-03-05T19:33:26+00:00","dateModified":"2021-03-05T19:33:28+00:00","description":"Proof-of-concept no more, dependency confusion is now in the wild. Businesses must address this known vulnerability as soon as possible.","breadcrumb":{"@id":"https:\/\/www.pwvconsultants.com\/blog\/npm-dependency-confusion-attack-targets-amazon-slack\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.pwvconsultants.com\/blog\/npm-dependency-confusion-attack-targets-amazon-slack\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.pwvconsultants.com\/blog\/npm-dependency-confusion-attack-targets-amazon-slack\/#primaryimage","url":"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2021\/03\/dependency-confusion-scaled.jpeg","contentUrl":"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2021\/03\/dependency-confusion-scaled.jpeg","width":2560,"height":946},{"@type":"BreadcrumbList","@id":"https:\/\/www.pwvconsultants.com\/blog\/npm-dependency-confusion-attack-targets-amazon-slack\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.pwvconsultants.com\/blog\/"},{"@type":"ListItem","position":2,"name":"NPM Dependency Confusion Attack Targets Amazon, Slack"}]},{"@type":"WebSite","@id":"https:\/\/www.pwvconsultants.com\/blog\/#website","url":"https:\/\/www.pwvconsultants.com\/blog\/","name":"PWV Consultants","description":"","publisher":{"@id":"https:\/\/www.pwvconsultants.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.pwvconsultants.com\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.pwvconsultants.com\/blog\/#organization","name":"PWV Consultants","url":"https:\/\/www.pwvconsultants.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.pwvconsultants.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2020\/04\/logo-alternate-e1585773530392.png","contentUrl":"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2020\/04\/logo-alternate-e1585773530392.png","width":98,"height":84,"caption":"PWV Consultants"},"image":{"@id":"https:\/\/www.pwvconsultants.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/PWV-Consultants-110444033947964","https:\/\/twitter.com\/PWV_Consultants","https:\/\/www.linkedin.com\/company\/pwv-consultants"]},{"@type":"Person","@id":"https:\/\/www.pwvconsultants.com\/blog\/#\/schema\/person\/c15d5d40126a8ad906cb3067de95f8d4","name":"Pieter VanIperen","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.pwvconsultants.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/8b294918257a810803e2befc9a71b7bc?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/8b294918257a810803e2befc9a71b7bc?s=96&d=mm&r=g","caption":"Pieter VanIperen"},"description":"PWV Consultants is a boutique group of industry leaders and influencers from the digital tech, security and design industries that acts as trusted technical partners for many Fortune 500 companies, high-visibility startups, universities, defense agencies, and NGOs. Founded by 20-year software engineering veterans, who have founded or co-founder several companies. PWV experts act as a trusted advisors and mentors to numerous early stage startups, and have held the titles of software and software security executive, consultant and professor. PWV's expert consulting and advisory work spans several high impact industries in finance, media, medical tech, and defense contracting. PWV's founding experts also authored the highly influential precursor HAZL (jADE) programming language.","sameAs":["https:\/\/www.linkedin.com\/company\/pwv-consultants"]}]}},"_links":{"self":[{"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/posts\/1580"}],"collection":[{"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/comments?post=1580"}],"version-history":[{"count":2,"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/posts\/1580\/revisions"}],"predecessor-version":[{"id":1595,"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/posts\/1580\/revisions\/1595"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/media\/1597"}],"wp:attachment":[{"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/media?parent=1580"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/categories?post=1580"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/tags?post=1580"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}