An attacker has published 84 malicious versions of official TanStack npm packages, with the impact including credential theft, self-propagation, and complete disk wipe of an infected host.
The attack is part of a wave of attacks across npm and PyPI, continuing the Mini Shai-Hulud campaign. Supply chain security company Socket reports that other compromised packages include the OpenSearch client, Mistral AI, UiPath, and Guardrails AI.
Read more…
Source: The Register News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- US Treasury sanctions Russian research institute behind Triton malware
October 23, 2020
The US Treasury Department announced sanctions today against a Russian research institute for its role in developing Triton, a malware strain designed to attack industrial equipment. Sanctions were levied today against the State Research Center of the Russian Federation FGUP Central Scientific Research Institute of Chemistry and Mechanics (also known as CNIIHM or TsNIIKhM). A FireEye report ...
- Wireshark Tutorial: Examining Dridex Infection Traffic
October 23, 2020
This tutorial is designed for security professionals who investigate suspicious network activity and review network packet captures (pcaps). Familiarity with Wireshark is necessary to understand this tutorial, which focuses on Wireshark version 3.x. Dridex is the name for a family of information-stealing malware that has also been described as a banking Trojan. This malware first appeared ...
- Nvidia tackles code execution flaws, data leaks in GeForce Experience
October 23, 2020
Nvidia has resolved a trio of vulnerabilities impacting the GeForce Experience suite. GeForce Experience is software designed by Nvidia with games and live streamers in mind, including driver update management, driver optimization for gaming and graphics cards, and both video & audio capture. On October 22, Nvidia said the firm’s latest security update tackles issues found in ...
- Phishing Attack Targets Office 365 Users
October 22, 2020
Researchers are warning of a phishing campaign that pretends to be an automated message from Microsoft Teams. In reality, the attack aims to steal Office 365 recipients’ login credentials. Teams is Microsoft’s popular collaboration tool, which has particularly risen in popularity among remote workforces during the pandemic – making it an attractive brand for attackers to ...
- On the trail of the XMRig miner
October 22, 2020
As protection methods improve, the developers of miners have had to enhance their own creations, often turning to non-trivial solutions. Several such solutions (previously unseen by us) were detected during our analysis of the open source miner XMRig. How it all began: ransominer Alongside well-known groups that make money from data theft and ransomware (for example, Maze, ...
- EU sanctions Russian hackers over 2015 German parliament attack
October 22, 2020
The Council of the European Union today announced sanctions imposed on Russian military intelligence officers part of the 85th Main Centre for Special Services (GTsSS) for their involvement in a 2015 hack of the German Federal Parliament (Deutscher Bundestag). EU’s sanctions include both travel bans and asset freezes and also block EU organizations and individuals from ...