On September 15, the Node Package Manager (NPM) repository experienced an ongoing supply chain attack, in which the attackers executed a highly targeted phishing campaign to compromise the account of an NPM package maintainer.
With privileged access, the attackers injected malicious code into widely used JavaScript packages, threatening the entire software ecosystem. Notably, the attack has disrupted several key NPM packages, including those integral to application development and cryptography. According to StepSecurity, the malicious actors behind this incident used similar techniques with the Nx supply chain attack last month. As of September 16, researchers at Socket have already identified close to 500 impacted NPM packages.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- What’s in your notepad? Infected text editors target Chinese users
March 13, 2024
“Malvertising” is a popular way of attracting victims to malicious sites: an advertisement block is placed at the top of the search results, increasing the likelihood of users clicking the link. Sites at the top of search results also tend to be more trusted by users. A year ago, Kaspersky experts discussed a malvertising campaign that ...
- US health department opens probe into UnitedHealth hack
March 13, 2024
The U.S. government on Wednesday said it has opened an investigation into the cyberattack at UnitedHealth Group’s Change Healthcare to find out whether there was a breach of protected health data and if the company followed U.S. health privacy law. It is the first announcement of a probe by the Department Of Health and Human Services ...
- Roku Discloses Data Breach, 15,000 Accounts Compromised
March 13, 2024
The streaming platform Roku has suffered a data breach, with more than 15,000 accounts compromised. The company – which has more than 80 million active accounts – revealed the breach in filings with the state attorney generals of Maine and California on Friday. The filings indicate that 15,363 accounts were compromised between Dec. 28, 2023, and ...
- New Multi-Stage StopCrypt Ransomware
March 12, 2024
The SonicWall Capture Labs threat research team recently observed a new variant of StopCrypt ransomware. The ransomware executes its malicious activities by utilizing multi-stage shellcodes before launching a final payload that contains the file encryption code. Infection Cycle At the start of execution, it creates a string of msim32.dll on the stack, and, using LoadLibrary, loads ...
- Is Cybersecurity The Achilles’ Heel Of The Electric Vehicle Revolution?
March 12, 2024
The electric vehicle (EV) sector, though nascent and in its formative years, faces numerous challenges. Recent concerns, such as “range anxiety” (a vehicle battery’s charge and ability to complete a planned journey) among consumers and incidents of vehicles losing power in cold temperatures, have contributed to a slowdown in adoption. While the trajectory of electric vehicle ...
- Acer Philippines reports data breach in third-party vendor system
March 12, 2024
Acer Philippines confirmed through an official statement that a security breach occurred within a third-party vendor’s system. The vendor was responsible for managing Acer Philippines’ employee attendance data, and the breach resulted in the unauthorized access of this information. The company emphasized that this incident does not involve Acer Philippines customer databases. Customer data remains secure, ...