On September 15, the Node Package Manager (NPM) repository experienced an ongoing supply chain attack, in which the attackers executed a highly targeted phishing campaign to compromise the account of an NPM package maintainer.
With privileged access, the attackers injected malicious code into widely used JavaScript packages, threatening the entire software ecosystem. Notably, the attack has disrupted several key NPM packages, including those integral to application development and cryptography. According to StepSecurity, the malicious actors behind this incident used similar techniques with the Nx supply chain attack last month. As of September 16, researchers at Socket have already identified close to 500 impacted NPM packages.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Criminal Actors Steal US Taxpayer Identity to File False Tax Returns and Claim Refunds
April 2, 2025
The FBI is warning the public about criminal actors stealing US taxpayer identities to file false tax returns and fraudulently claim refunds. The FBI’s Internet Crime Complaint Center (IC3) has received over 1,000 complaints about identity theft in connection with tax returns within the past year representing a 26% increase from the previous year. Stolen ...
- Palo Alto Networks gateways facing huge number of possible security attacks
April 2, 2025
Someone may be getting ready to attack Palo Alto Network devices, security researchers are warning after spotting a rise in activity. Analysts from GreyNoise said they observed a “significant surge” in login scanning activity against the company’s PAN-OS GlobalProtect portals, with almost 24,000 unique IP addresses attempting to access these portals in March 2025. “The pattern ...
- TookPS: DeepSeek isn’t the only game in town
April 2, 2025
In early March, we published a study detailing several malicious campaigns that exploited the popular DeepSeek LLM as a lure. Subsequent telemetry analysis indicated that the TookPS downloader, a malware strain detailed in the article, was not limited to mimicking neural networks. Kaspersky researchers identified fraudulent websites mimic official sources for remote desktop and 3D modeling ...
- Security firm Check Point confirms data breach, but says users have nothing to worry about
April 1, 2025
A hacker is claiming to have stolen a “highly sensitive” dataset from Check Point – but the company is looking to play down any concerns users might have. The cybercriminal, going by the name of CoreInjection, posted about the dataset of compromised Check Point files on a cybercrime forum – and alleges that the information contains ...
- Someone is trying to recruit security researchers in bizarre hacking campaign
April 1, 2025
Are you willing to hack and take control of Chinese websites for a random person for up to $100,000 a month? Someone is making precisely that tantalizing, bizarre, and clearly sketchy job offer. The person is using what looks like a series of fake accounts with avatars displaying photos of attractive women and sliding into the ...
- GCHQ worker admits taking top secret data home
March 31, 2025
A former GCHQ intern has admitted risking national security by taking top secret data home with him on his mobile phone. Hasaan Arshad, 25, pleaded guilty to an offence under the Computer Misuse Act on what would have been the first day of his trial at the Old Bailey in London. The charge related to committing ...