An attacker has published 84 malicious versions of official TanStack npm packages. The impact includes credential theft, self-propagation, and a complete disk wipe of an infected host.
The attack is part of a wave of attacks across npm and PyPI, continuing the Mini Shai-Hulud campaign. Supply chain security company Socket reports that other compromised packages include the OpenSearch client, Mistral AI, UiPath, and Guardrails AI.
Source: The Register News

