Cache-poisoning caper turns TanStack npm packages toxic


An attacker has published 84 malicious versions of official TanStack npm packages, with the impact including credential theft, self-propagation, and complete disk wipe of an infected host.

The attack is part of a wave of attacks across npm and PyPI, continuing the Mini Shai-Hulud campaign. Supply chain security company Socket reports that other compromised packages include the OpenSearch client, Mistral AI, UiPath, and Guardrails AI.

Read more…
Source:  The Register News


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Spying, hacking and intimidation: Israel’s nine-year ‘war’ on the ICC exposed

    May 28, 2024

    When the chief prosecutor of the International criminal court (ICC) announced he was seeking arrest warrants against Israeli and Hamas leaders, he issued a cryptic warning: “I insist that all attempts to impede, intimidate or improperly influence the officials of this court must cease immediately.” Now, an investigation by the Guardian and the Israeli-based magazines +972 ...

  • Router Roulette: Cybercriminals and Nation-States Sharing Compromised Networks

    May 27, 2024

    Cybercriminals and Advanced Persistent Threat (APT) actors share a common interest in proxy anonymization layers and Virtual Private Network (VPN) nodes to hide traces of their presence and make detection of malicious activities more difficult. This shared interest results in malicious internet traffic blending financial and espionage motives. A prominent example of this includes a cybercriminal ...

  • Threat landscape for industrial automation systems, Q1 2024

    May 27, 2024

    In the first quarter of 2024, the percentage of ICS computers on which malicious objects were blocked decreased by 0.3 pp from the previous quarter to 24.4%. Compared to the first quarter of 2023, the percentage decreased by 1.3 pp. Building automation has historically led the surveyed industries in terms of the percentage of ICS computers ...

  • Ghana Cyber Security Authority Records 187 Cases of WhatsApp Account Takeovers, Warns of Rising Trend

    May 27, 2024

    The Cyber Security Authority (CSA) says a growing number of Ghanaians are falling victim to social engineering and sharing WhatsApp verification codes with malicious actors. This has led to about 187 cases recorded since 2023, it said in a statement. “Malicious actors disguise themselves as familiar contacts or as authoritative figures (typically as administrators of Groups ...

  • Massive cyber attack against Eritrea’s Internet System

    May 26, 2024

    A massive cyber attack was unleashed against Eritrea’s Internet System on Independence Day, Friday, 24 May 2024, at 12:32’:47 in the afternoon hours. The attempt was foiled by the defensive countermeasures deployed promptly, and the network continued its functions without interruptions. The identity of the originators, architects, and implementers of the attempted cyber attack is not ...

  • Hellhounds: Operation Lahat. Part 2

    May 23, 2024

    In November 2023, the team at the Positive Technologies Expert Security Center (PT ESC) released their first research report on attacks by the hitherto-unknown group Hellhounds on Russian companies’ infrastructure: Operation Lahat. The report focused on the group’s attacks on Linux hosts that relied on a new backdoor known as Decoy Dog. Hellhounds carried on attacks ...