Cache-poisoning caper turns TanStack npm packages toxic


An attacker has published 84 malicious versions of official TanStack npm packages, with the impact including credential theft, self-propagation, and complete disk wipe of an infected host.

The attack is part of a wave of attacks across npm and PyPI, continuing the Mini Shai-Hulud campaign. Supply chain security company Socket reports that other compromised packages include the OpenSearch client, Mistral AI, UiPath, and Guardrails AI.

Read more…
Source:  The Register News


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Emotet malware attacks return after three-month break

    March 7, 2023

    The Emotet malware operation is again spamming malicious emails as of Tuesday morning after a three-month break, rebuilding its network and infecting devices worldwide. Emotet is a notorious malware distributed through email containing malicious Microsoft Word and Excel document attachments. When users open these documents and macros are enabled, the Emotet DLL will be downloaded and ...

  • Protecting Android clipboard content from unintended exposure

    March 6, 2023

    Considering mobile users often use the clipboard to copy and paste sensitive information, like passwords or payment information, clipboard contents can be an attractive target for cyberattacks. Leveraging clipboards can enable attackers to collect target information and exfiltrate useful data. Examples even exist of attackers hijacking and replacing the clipboard contents for malicious purposes, such as modifying a copied ...

  • Threat landscape for industrial automation systems for H2 2022

    March 6, 2023

    In H2 2022, the percentage of ICS computers on which malicious objects were blocked increased by 3.5 percentage points compared to the previous six-month period, reaching 34.3%. This was higher than the percentages for 2021 and even 2020. Read more… Source: Kaspersky

  • DoppelPaymer ransomware suspects cuffed, alleged ringleaders escape

    March 6, 2023

    German and Ukrainian cops have arrested suspected members of the DoppelPaymer ransomware crew and issued warrants for three other “masterminds” behind the global operation that extorted tens of millions of dollars and may have led to the death of a hospital patient. The criminal gang, also known as Indrik Spider, Double Spider and Grief, used double-extortion ...

  • Spike in LokiBot Activity During Final Week of 2022

    March 3, 2023

    Unit 42 researchers have uncovered a malware distribution campaign that is delivering the LokiBot information stealer via business email compromise (BEC) phishing emails. This malware is designed to steal sensitive information from victims’ systems, such as passwords and banking information, as well as other sensitive data. In this blog, Unit 42 researchers will explain how attackers used ...

  • Managed XDR Exposes Spear-Phishing Campaign Targeting Hospitality Industry Using RedLine Stealer

    March 2, 2023

    Recently, Trend Micro researchers noticed a spike in the number of emails received by one of our customers. After further investigation, they found that three other customers in the hospitality industry were also affected. The researchers observed that most of the emails had subject lines that attempt to catch victims’ attention: “help,” “requesting for assistance,” ...