{"id":973,"date":"2020-10-20T10:00:00","date_gmt":"2020-10-20T14:00:00","guid":{"rendered":"https:\/\/www.pwvconsultants.com\/blog\/?p=973"},"modified":"2020-10-19T19:42:59","modified_gmt":"2020-10-19T23:42:59","slug":"all-open-sourced-code-should-be-reviewed","status":"publish","type":"post","link":"https:\/\/www.pwvconsultants.com\/blog\/all-open-sourced-code-should-be-reviewed\/","title":{"rendered":"All Open-Sourced Code Should Be Reviewed"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">Three JavaScript packages were removed from the npm portal last week for malicious code. Just another reason all open-source code should be reviewed prior to deployment.<\/h2>\n\n\n\n<p>We\u2019ve been warned about this for years. Open-sourced code is a beautiful thing because it allows for coders, developers and engineers to build off of each other\u2019s work. It makes those jobs easier by providing a codebase for common projects, and is a place where industry experts can look for a specific code to fix a problem in business-specific projects. But it\u2019s also a place where bad actors can say they\u2019ve got a fix for something, which they might, but they also throw in a <a href=\"https:\/\/www.pwvconsultants.com\/blog\/the-negative-impact-of-malware\/\" target=\"_blank\" rel=\"noreferrer noopener\">malicious string of malware<\/a>. Last week, three JavaScript packages were removed from the npm portal due to malware embedded in the code, showing why all open-sourced code needs to be reviewed.<\/p>\n\n\n\n<p>The three packages (<a href=\"https:\/\/www.npmjs.com\/package\/plutov-slack-client\">plutov-slack-client<\/a>, <a href=\"https:\/\/www.npmjs.com\/package\/nodetest199\">Nodetest199<\/a>, <a href=\"https:\/\/www.npmjs.com\/package\/nodetest1010\">nodetest1010<\/a>) opened shells on machines of developers who imported them into projects. The shells allowed bad actors to remotely connect to those machines and perform nefarious activities. These packages can function on Windows and *nix operating systems like Linux, and have been live for over a year, resulting in hundreds of downloads. From <a href=\"https:\/\/www.zdnet.com\/google-amp\/article\/four-npm-packages-found-uploading-user-details-on-a-github-page\/\" target=\"_blank\" rel=\"noreferrer noopener\">ZDnet<\/a>:<\/p>\n\n\n\n<blockquote class=\"wp-block-quote\"><p>&#8220;Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer,&#8221; the npm security team said. <\/p><p>&#8220;The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it,&#8221; they added.<\/p><\/blockquote>\n\n\n\n<p>This exact scenario has <a href=\"https:\/\/medium.com\/hackernoon\/im-harvesting-credit-card-numbers-and-passwords-from-your-site-here-s-how-9a8cb347c5b5\" target=\"_blank\" rel=\"noreferrer noopener\">been warned about before<\/a>, several years ago. The article outlines the potential for an attack just like this with the author warning that devs should be reviewing the code they copy from places like GitHub. There are even free tools and companies like Snyk which monitor open-source packages and can scan codebases every time a commit to your codebase is made. So while you may want someone to have physical eyes on that code, most of the time developers and their teams simply don\u2019t have the time to review it all. That\u2019s when these tools can come into play and ensure that your business information and machines are protected.<\/p>\n\n\n\n<p>If your development team has downloaded any of these packages, you must immediately treat this as an incident. Isolate the infected machines from the rest of your network. Gather your incident response team to start mitigating the problems that are going to arise. Assume infected machines are fully compromised and breached, and that the breach is ongoing. Remove the packages and scan for continuing activity. Scan your network to ensure it was not affected. Change any passwords that may have been compromised, lock down any credit card information located on the machine.<\/p>\n\n\n\n<p>Npm\u2019s JavaScript library is the largest package repository for any programming language and is regularly scanned by their security team. Malicious packages are removed regularly, but this is the third major issue in three months. Given that cybersecurity attacks are on the rise amid the pandemic and strained business systems, it should come as no surprise that some bad actors found a \u201cnew\u201d way to get the information they want.<\/p>\n\n\n\n<p>If your team did not download any of those packages or your business doesn\u2019t use machines that are affected, consider yourself lucky. This time. Take it as a warning and review your open-source code. Use an automated tool, but have some kind of protection in place. If you are affected by these packages, do your due diligence and follow the proper protocols. Either way, be sure to monitor all open-source code that your development team uses going forward!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Npm removed three malicious packages from its JavaScript library last week. Devs should take note and review all open-sourced code they use.<\/p>\n","protected":false},"author":1,"featured_media":983,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"content-type":"","footnotes":""},"categories":[599,5,959,4],"tags":[1906,1569,926,1170,1909,1908,575,1904,1745,1903,1905,17],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v22.2 (Yoast SEO v22.2) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>All Open-Sourced Code Should Be Reviewed - PWV Consultants<\/title>\n<meta name=\"description\" content=\"Npm removed three malicious packages from its JavaScript library last week. Devs should take note and review all open-sourced code they use.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.pwvconsultants.com\/blog\/all-open-sourced-code-should-be-reviewed\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"All Open-Sourced Code Should Be Reviewed\" \/>\n<meta property=\"og:description\" content=\"Npm removed three malicious packages from its JavaScript library last week. Devs should take note and review all open-sourced code they use.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.pwvconsultants.com\/blog\/all-open-sourced-code-should-be-reviewed\/\" \/>\n<meta property=\"og:site_name\" content=\"PWV Consultants\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/PWV-Consultants-110444033947964\" \/>\n<meta property=\"article:published_time\" content=\"2020-10-20T14:00:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-10-19T23:42:59+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2020\/10\/code-5289831_1920.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1920\" \/>\n\t<meta property=\"og:image:height\" content=\"1280\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Pieter VanIperen\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@PWV_Consultants\" \/>\n<meta name=\"twitter:site\" content=\"@PWV_Consultants\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Pieter VanIperen\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/all-open-sourced-code-should-be-reviewed\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/all-open-sourced-code-should-be-reviewed\/\"},\"author\":{\"name\":\"Pieter VanIperen\",\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/#\/schema\/person\/c15d5d40126a8ad906cb3067de95f8d4\"},\"headline\":\"All Open-Sourced Code Should Be Reviewed\",\"datePublished\":\"2020-10-20T14:00:00+00:00\",\"dateModified\":\"2020-10-19T23:42:59+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/all-open-sourced-code-should-be-reviewed\/\"},\"wordCount\":642,\"publisher\":{\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/all-open-sourced-code-should-be-reviewed\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2020\/10\/code-5289831_1920.jpg\",\"keywords\":[\"bad actors\",\"code\",\"data breach\",\"Developers\",\"Hackernoon\",\"incident\",\"Information Security\",\"JavaScript\",\"malware\",\"npm\",\"open-source\",\"Security\"],\"articleSection\":[\"Coding\",\"Cyber Security\",\"Data Breaches\",\"Information Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/all-open-sourced-code-should-be-reviewed\/\",\"url\":\"https:\/\/www.pwvconsultants.com\/blog\/all-open-sourced-code-should-be-reviewed\/\",\"name\":\"All Open-Sourced Code Should Be Reviewed - PWV Consultants\",\"isPartOf\":{\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/all-open-sourced-code-should-be-reviewed\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/all-open-sourced-code-should-be-reviewed\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2020\/10\/code-5289831_1920.jpg\",\"datePublished\":\"2020-10-20T14:00:00+00:00\",\"dateModified\":\"2020-10-19T23:42:59+00:00\",\"description\":\"Npm removed three malicious packages from its JavaScript library last week. Devs should take note and review all open-sourced code they use.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/all-open-sourced-code-should-be-reviewed\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.pwvconsultants.com\/blog\/all-open-sourced-code-should-be-reviewed\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/all-open-sourced-code-should-be-reviewed\/#primaryimage\",\"url\":\"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2020\/10\/code-5289831_1920.jpg\",\"contentUrl\":\"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2020\/10\/code-5289831_1920.jpg\",\"width\":1920,\"height\":1280,\"caption\":\"Image by Markus Winkler from Pixabay\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/all-open-sourced-code-should-be-reviewed\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.pwvconsultants.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"All Open-Sourced Code Should Be Reviewed\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/#website\",\"url\":\"https:\/\/www.pwvconsultants.com\/blog\/\",\"name\":\"PWV Consultants\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.pwvconsultants.com\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/#organization\",\"name\":\"PWV Consultants\",\"url\":\"https:\/\/www.pwvconsultants.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2020\/04\/logo-alternate-e1585773530392.png\",\"contentUrl\":\"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2020\/04\/logo-alternate-e1585773530392.png\",\"width\":98,\"height\":84,\"caption\":\"PWV Consultants\"},\"image\":{\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/PWV-Consultants-110444033947964\",\"https:\/\/twitter.com\/PWV_Consultants\",\"https:\/\/www.linkedin.com\/company\/pwv-consultants\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/#\/schema\/person\/c15d5d40126a8ad906cb3067de95f8d4\",\"name\":\"Pieter VanIperen\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.pwvconsultants.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/8b294918257a810803e2befc9a71b7bc?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/8b294918257a810803e2befc9a71b7bc?s=96&d=mm&r=g\",\"caption\":\"Pieter VanIperen\"},\"description\":\"PWV Consultants is a boutique group of industry leaders and influencers from the digital tech, security and design industries that acts as trusted technical partners for many Fortune 500 companies, high-visibility startups, universities, defense agencies, and NGOs. Founded by 20-year software engineering veterans, who have founded or co-founder several companies. PWV experts act as a trusted advisors and mentors to numerous early stage startups, and have held the titles of software and software security executive, consultant and professor. PWV's expert consulting and advisory work spans several high impact industries in finance, media, medical tech, and defense contracting. PWV's founding experts also authored the highly influential precursor HAZL (jADE) programming language.\",\"sameAs\":[\"https:\/\/www.linkedin.com\/company\/pwv-consultants\"]}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"All Open-Sourced Code Should Be Reviewed - PWV Consultants","description":"Npm removed three malicious packages from its JavaScript library last week. Devs should take note and review all open-sourced code they use.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.pwvconsultants.com\/blog\/all-open-sourced-code-should-be-reviewed\/","og_locale":"en_US","og_type":"article","og_title":"All Open-Sourced Code Should Be Reviewed","og_description":"Npm removed three malicious packages from its JavaScript library last week. Devs should take note and review all open-sourced code they use.","og_url":"https:\/\/www.pwvconsultants.com\/blog\/all-open-sourced-code-should-be-reviewed\/","og_site_name":"PWV Consultants","article_publisher":"https:\/\/www.facebook.com\/PWV-Consultants-110444033947964","article_published_time":"2020-10-20T14:00:00+00:00","article_modified_time":"2020-10-19T23:42:59+00:00","og_image":[{"width":1920,"height":1280,"url":"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2020\/10\/code-5289831_1920.jpg","type":"image\/jpeg"}],"author":"Pieter VanIperen","twitter_card":"summary_large_image","twitter_creator":"@PWV_Consultants","twitter_site":"@PWV_Consultants","twitter_misc":{"Written by":"Pieter VanIperen","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.pwvconsultants.com\/blog\/all-open-sourced-code-should-be-reviewed\/#article","isPartOf":{"@id":"https:\/\/www.pwvconsultants.com\/blog\/all-open-sourced-code-should-be-reviewed\/"},"author":{"name":"Pieter VanIperen","@id":"https:\/\/www.pwvconsultants.com\/blog\/#\/schema\/person\/c15d5d40126a8ad906cb3067de95f8d4"},"headline":"All Open-Sourced Code Should Be Reviewed","datePublished":"2020-10-20T14:00:00+00:00","dateModified":"2020-10-19T23:42:59+00:00","mainEntityOfPage":{"@id":"https:\/\/www.pwvconsultants.com\/blog\/all-open-sourced-code-should-be-reviewed\/"},"wordCount":642,"publisher":{"@id":"https:\/\/www.pwvconsultants.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.pwvconsultants.com\/blog\/all-open-sourced-code-should-be-reviewed\/#primaryimage"},"thumbnailUrl":"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2020\/10\/code-5289831_1920.jpg","keywords":["bad actors","code","data breach","Developers","Hackernoon","incident","Information Security","JavaScript","malware","npm","open-source","Security"],"articleSection":["Coding","Cyber Security","Data Breaches","Information Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.pwvconsultants.com\/blog\/all-open-sourced-code-should-be-reviewed\/","url":"https:\/\/www.pwvconsultants.com\/blog\/all-open-sourced-code-should-be-reviewed\/","name":"All Open-Sourced Code Should Be Reviewed - PWV Consultants","isPartOf":{"@id":"https:\/\/www.pwvconsultants.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.pwvconsultants.com\/blog\/all-open-sourced-code-should-be-reviewed\/#primaryimage"},"image":{"@id":"https:\/\/www.pwvconsultants.com\/blog\/all-open-sourced-code-should-be-reviewed\/#primaryimage"},"thumbnailUrl":"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2020\/10\/code-5289831_1920.jpg","datePublished":"2020-10-20T14:00:00+00:00","dateModified":"2020-10-19T23:42:59+00:00","description":"Npm removed three malicious packages from its JavaScript library last week. Devs should take note and review all open-sourced code they use.","breadcrumb":{"@id":"https:\/\/www.pwvconsultants.com\/blog\/all-open-sourced-code-should-be-reviewed\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.pwvconsultants.com\/blog\/all-open-sourced-code-should-be-reviewed\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.pwvconsultants.com\/blog\/all-open-sourced-code-should-be-reviewed\/#primaryimage","url":"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2020\/10\/code-5289831_1920.jpg","contentUrl":"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2020\/10\/code-5289831_1920.jpg","width":1920,"height":1280,"caption":"Image by Markus Winkler from Pixabay"},{"@type":"BreadcrumbList","@id":"https:\/\/www.pwvconsultants.com\/blog\/all-open-sourced-code-should-be-reviewed\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.pwvconsultants.com\/blog\/"},{"@type":"ListItem","position":2,"name":"All Open-Sourced Code Should Be Reviewed"}]},{"@type":"WebSite","@id":"https:\/\/www.pwvconsultants.com\/blog\/#website","url":"https:\/\/www.pwvconsultants.com\/blog\/","name":"PWV Consultants","description":"","publisher":{"@id":"https:\/\/www.pwvconsultants.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.pwvconsultants.com\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.pwvconsultants.com\/blog\/#organization","name":"PWV Consultants","url":"https:\/\/www.pwvconsultants.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.pwvconsultants.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2020\/04\/logo-alternate-e1585773530392.png","contentUrl":"https:\/\/www.pwvconsultants.com\/blog\/wp-content\/uploads\/2020\/04\/logo-alternate-e1585773530392.png","width":98,"height":84,"caption":"PWV Consultants"},"image":{"@id":"https:\/\/www.pwvconsultants.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/PWV-Consultants-110444033947964","https:\/\/twitter.com\/PWV_Consultants","https:\/\/www.linkedin.com\/company\/pwv-consultants"]},{"@type":"Person","@id":"https:\/\/www.pwvconsultants.com\/blog\/#\/schema\/person\/c15d5d40126a8ad906cb3067de95f8d4","name":"Pieter VanIperen","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.pwvconsultants.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/8b294918257a810803e2befc9a71b7bc?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/8b294918257a810803e2befc9a71b7bc?s=96&d=mm&r=g","caption":"Pieter VanIperen"},"description":"PWV Consultants is a boutique group of industry leaders and influencers from the digital tech, security and design industries that acts as trusted technical partners for many Fortune 500 companies, high-visibility startups, universities, defense agencies, and NGOs. Founded by 20-year software engineering veterans, who have founded or co-founder several companies. PWV experts act as a trusted advisors and mentors to numerous early stage startups, and have held the titles of software and software security executive, consultant and professor. PWV's expert consulting and advisory work spans several high impact industries in finance, media, medical tech, and defense contracting. PWV's founding experts also authored the highly influential precursor HAZL (jADE) programming language.","sameAs":["https:\/\/www.linkedin.com\/company\/pwv-consultants"]}]}},"_links":{"self":[{"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/posts\/973"}],"collection":[{"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/comments?post=973"}],"version-history":[{"count":4,"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/posts\/973\/revisions"}],"predecessor-version":[{"id":987,"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/posts\/973\/revisions\/987"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/media\/983"}],"wp:attachment":[{"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/media?parent=973"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/categories?post=973"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.pwvconsultants.com\/blog\/wp-json\/wp\/v2\/tags?post=973"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}