https://live.paloaltonetworks.com/t5/next-generation-firewall/npn-incident-suggest-a-quot-software-repository-quot-url/m-p/1237742#M6280 <P>Hi!</P> <P>&nbsp;</P> <P>I've been investigating the NPN supply chain attack here, one strand of which was looking at servers who had fetched from the repository using URL filtering. Our servers _alert_ on "computers-and-internet-info" (which&nbsp;<SPAN class="s1">registry.npmjs.org is categorised as) but client devices don't.</SPAN></P> <P>&nbsp;</P> <P><SPAN class="s1">And it occurred to me that if&nbsp;</SPAN><SPAN class="s1">registry.npmjs.org was categorised as "software repository" in URL filtering, we could "alert" for client devices and a slightly more specific category would be handy for this particular case.</SPAN></P> <P>&nbsp;</P> <P><SPAN class="s1">Worth a feature request?</SPAN></P> <P>&nbsp;</P> Thu, 11 Sep 2025 09:16:57 GMT MikeMeredith 2025-09-11T09:16:57Z https://live.paloaltonetworks.com/t5/next-generation-firewall/npn-incident-suggest-a-quot-software-repository-quot-url/m-p/1237742#M6280 <P>Hi!</P> <P>&nbsp;</P> <P>I've been investigating the NPN supply chain attack here, one strand of which was looking at servers who had fetched from the repository using URL filtering. Our servers _alert_ on "computers-and-internet-info" (which&nbsp;<SPAN class="s1">registry.npmjs.org is categorised as) but client devices don't.</SPAN></P> <P>&nbsp;</P> <P><SPAN class="s1">And it occurred to me that if&nbsp;</SPAN><SPAN class="s1">registry.npmjs.org was categorised as "software repository" in URL filtering, we could "alert" for client devices and a slightly more specific category would be handy for this particular case.</SPAN></P> <P>&nbsp;</P> <P><SPAN class="s1">Worth a feature request?</SPAN></P> <P>&nbsp;</P> Thu, 11 Sep 2025 09:16:57 GMT https://live.paloaltonetworks.com/t5/next-generation-firewall/npn-incident-suggest-a-quot-software-repository-quot-url/m-p/1237742#M6280 MikeMeredith 2025-09-11T09:16:57Z