On September 15, the Node Package Manager (NPM) repository experienced an ongoing supply chain attack, in which the attackers executed a highly targeted phishing campaign to compromise the account of an NPM package maintainer.
With privileged access, the attackers injected malicious code into widely used JavaScript packages, threatening the entire software ecosystem. Notably, the attack has disrupted several key NPM packages, including those integral to application development and cryptography. According to StepSecurity, the malicious actors behind this incident used similar techniques with the Nx supply chain attack last month. As of September 16, researchers at Socket have already identified close to 500 impacted NPM packages.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Cyber Crime Group Provides Ransomware Decryptor to Indonesian National Data Center
July 9, 2024
The cyber crime group that locked up an Indonesian national data center last month, impacting hundreds of government services, has opted to provide the ransomware decryptor for free. This was accompanied by an apology, but also a donation link exhorting the Indonesian government and public to show gratitude for their supposed generosity. “Brain Cipher” is a ...
- Resurrecting Internet Explorer: Threat Actors Using Zero-Day Tricks In Internet Shortcut File To Lure Victims (CVE-2024-38112)
July 9, 2024
Check Point Research recently discovered that threat actors have been using novel (or previously unknown) tricks to lure Windows users for remote code execution. Specifically, the attackers used special Windows Internet Shortcut files (.url extension name), which, when clicked, would call the retired Internet Explorer (IE) to visit the attacker-controlled URL. An additional trick on IE ...
- An In-Depth Look at Crypto-Crime in 2023 Part 1
July 8, 2024
Cryptocrime refers to any criminal activity involving the use of cryptocurrency. This can include theft, fraud, money laundering, and other illicit activities. Cryptocurrencies, such as Bitcoin and Ethereum, operate on decentralized networks and are not issued or controlled by any central authority. This makes them an attractive target for criminals due to their anonymity and lack ...
- CloudSorcerer – A new APT targeting Russian government entities
July 8, 2024
In May 2024, Kaspersky researchers discovered a new advanced persistent threat (APT) targeting Russian government entities that we dubbed CloudSorcerer. It’s a sophisticated cyberespionage tool used for stealth monitoring, data collection, and exfiltration via Microsoft Graph, Yandex Cloud, and Dropbox cloud infrastructure. The malware leverages cloud resources as its command and control (C2) servers, accessing them ...
- ‘RockYou2024’: Nearly 10 billion passwords leaked online
July 8, 2024
On a popular hacking form, a user has leaked a file that contains 9,948,575,739 unique plaintext passwords. The list appears to be a compilation of passwords that were obtained during several old and more recent data breaches. The list is referred to as RockYou2024 because of its filename, rockyou.txt. To cybercriminals the list has some value ...
- How to Prevent Email Spoofing with DMARC
July 8, 2024
Email-based attacks are the number one attack vector for cybercriminals. These attacks do not always require a high level of technical sophistication to carry out. And because the human factor is involved, there is almost no doubt they will endure as a favored tactic. One way bad actors can greatly increase their chances of a successful ...