Cache-poisoning caper turns TanStack npm packages toxic


An attacker has published 84 malicious versions of official TanStack npm packages, with the impact including credential theft, self-propagation, and complete disk wipe of an infected host.

The attack is part of a wave of attacks across npm and PyPI, continuing the Mini Shai-Hulud campaign. Supply chain security company Socket reports that other compromised packages include the OpenSearch client, Mistral AI, UiPath, and Guardrails AI.

Read more…
Source:  The Register News


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Canada: RCMP confirms ‘alarming’ cyber event targeting its networks

    February 23, 2024

    The Royal Canadian Mounted Police confirmed to CTV News on Friday that it was dealing with a cyber event that targeted its networks, forcing it to launch a criminal investigation into the breach. “At this time, there is no impact on RCMP operations and no known threat to the safety and security of Canadians,” RCMP media ...

  • China’s top anti-espionage authority warns of secret leaks through smart wearable devices

    February 23, 2024

    China’s top anti-espionage authority warned on Friday that various smart wearable devices may become “cyber spies” used by foreign intelligence agencies to carry out espionage activities, posing a threat to national security. The Ministry of State Security (MSS) said on its official WeChat account on Friday that when smart wearable devices are connected to smartphones via ...

  • “To live is to fight, to fight is to live! – IBM ODM Remote Code Execution

    February 22, 2024

    In previous blogs, watchTowr researchers discussed some of the big players in the enterprise software space, but there is one that they have not mentioned before, that is – quite frankly – the heavy-weight champion of the world in terms of applications for large enterprises. With over a hundred years of experience, a founder and leader ...

  • ClamAV’s VirusEvent Command Injection Vulnerability

    February 22, 2024

    SonicWall Capture Labs Threat Research Team became aware of the ClamAV VirusEvent command injection vulnerability (CVE-2024-20328), assessed its impact, and developed mitigation measures for the vulnerability. ClamAV is a notable, open-source anti-virus engine, widely recognized for its comprehensive suite of security solutions. It offers an array of features, including web and email scanning capabilities, endpoint security, ...

  • Malawi: Cyber-attack hits immigration service

    February 22, 2024

    Malawi’s government has suspended the issuing of passports following a cyber-attack on the immigration service’s computer network. President Lazarus Chakwera told MPs that the targeting of the department amounted to a “serious national security breach”. He revealed that the hackers were asking for a ransom. But the president said the government would not give in to ...

  • FBI issues warning against using Chinese manufactured drones

    February 21, 2024

    Chinese-manufactured unmanned aircraft systems (UAS), more commonly known as drones, continue to pose a significant risk to critical infrastructure and U.S. national security, according to an FBI advisory. While any UAS could have vulnerabilities that enable data theft or facilitate network compromises, the People’s Republic of China (PRC) has enacted laws that provide the government with ...