On September 15, the Node Package Manager (NPM) repository experienced an ongoing supply chain attack, in which the attackers executed a highly targeted phishing campaign to compromise the account of an NPM package maintainer.
With privileged access, the attackers injected malicious code into widely used JavaScript packages, threatening the entire software ecosystem. Notably, the attack has disrupted several key NPM packages, including those integral to application development and cryptography. According to StepSecurity, the malicious actors behind this incident used similar techniques with the Nx supply chain attack last month. As of September 16, researchers at Socket have already identified close to 500 impacted NPM packages.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Italy: SYNLAB affected by cyber-attack
April 19, 2024
SYNLAB AG announces that SYNLAB Italy is affected by the consequences of a cyber-attack. As a precaution and in accordance with the SYNLAB IT security procedures, all IT systems in Italy have been immediately deactivated as soon as the attack was identified in the early morning of 18 April 2024. As a result of the incident, ...
- The Fall of LabHost: Law Enforcement Shuts Down Phishing Service Provider
April 18, 2024
In late 2021, LabHost (AKA LabRat) emerged as a new PhaaS platform, growing over time to eventually offer dozens of phishing pages targeting banks, high-profile organizations, and other service providers located around the world, but most notably in Canada, the US, and the UK. The popularity of the platform meant that at the time of the ...
- #StopRansomware: Akira Ransomware summary
April 18, 2024
Since March 2023, Akira ransomware has impacted a wide range of businesses and critical infrastructure entities in North America, Europe, and Australia. In April 2023, following an initial focus on Windows systems, Akira threat actors deployed a Linux variant targeting VMware ESXi virtual machines. As of January 1, 2024, the ransomware group has impacted over 250 ...
- How secret rise of zero-day brokers is causing worldwide security risks
April 18, 2024
Zero-day hackers exploit security vulnerabilities in software that the developers of that software are often completely oblivious about. Imagine scrolling through your social media feed when a notification pops up, seemingly from a trusted friend. It contains a funny meme or a scandalous news story, but the link takes you to a different website. Clicking it ...
- Police bust global cyber gang accused of industrial-scale fraud
April 18, 2024
Police have taken down a gang accused of using a technology service that helped criminals use fraudulent text messages to steal from victims. They have arrested 37 people worldwide and are contacting victims. Officers say younger people who grew up with the internet were the most likely to fall for the “phishing” scam. The technology allowed ...
- SoumniBot: the new Android banker’s unique techniques
April 17, 2024
The creators of widespread malware programs often employ various tools that hinder code detection and analysis, and Android malware is no exception. As an example of this, droppers, such as Badpack and Hqwar, designed for stealthily delivering Trojan bankers or spyware to smartphones, are very popular among malicious actors who attack mobile devices. That said, we ...