On September 15, the Node Package Manager (NPM) repository experienced an ongoing supply chain attack, in which the attackers executed a highly targeted phishing campaign to compromise the account of an NPM package maintainer.
With privileged access, the attackers injected malicious code into widely used JavaScript packages, threatening the entire software ecosystem. Notably, the attack has disrupted several key NPM packages, including those integral to application development and cryptography. According to StepSecurity, the malicious actors behind this incident used similar techniques with the Nx supply chain attack last month. As of September 16, researchers at Socket have already identified close to 500 impacted NPM packages.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Community Alert: Ongoing Malicious Campaign Impacting Azure Cloud Environments
February 12, 2024
Over the past weeks, Proofpoint researchers have been monitoring an ongoing cloud account takeover campaign impacting dozens of Microsoft Azure environments and compromising hundreds of user accounts, including senior executives. This post serves as a community warning regarding the attack and offers suggestions that affected organizations can implement to protect themselves from it. Proofpoint researchers detected ...
- UK: Contact details and national security numbers could have been stolen from Southern Water customers following cyber attack
February 12, 2024
The announcement, which went live on Southern Water’s website earlier today (February 12), confirms that ‘a limited part’ of the company’s server estate is at risk following an illegal intrusion earlier this year. Apologising for the breach, a spokesperson confirmed that the company is working with “expert technical advisers to confirm who is at risk,” and ...
- US Government Accounting Office says it was notified of data breach by IT contractor CGI Federal
February 12, 2024
The U.S. Government Accounting Office says it was notified of a data breach by IT contractor GCI Federal. Reuters could not immediately ascertain the size and scope of the breach. The GAO said that about 6,000 people, “primarily current and former GAO employees from 2007 to 2017,” had been affected but did not immediately respond when ...
- Hackers uncover new TheTruthSpy stalkerware victims
February 12, 2024
A consumer-grade spyware operation called TheTruthSpy poses an ongoing security and privacy risk to thousands of people whose Android devices are unknowingly compromised with its mobile surveillance apps, not least due to a simple security flaw that its operators never fixed. Now, two hacking groups have independently found the flaw that allows the mass access of ...
- Kenya: Cyber attacks on computer systems, mobile apps surge
February 10, 2024
Cyber attacks on computer systems and mobile applications recorded the highest increase in the three months to December last year, the latest data from the Communications Authority of Kenya (CA) shows. According to the CA’s Cyber Security report for the period, system attack threats that were detected increased 10-fold compared to the preceding three-month period that ...
- Coyote: A multi-stage banking Trojan abusing the Squirrel installer
February 8, 2024
The developers of banking Trojan malware are constantly looking for inventive ways to distribute theirs implants and infect victims. In a recent investigation, Kaspersky researchers encountered a new malware that specifically targets users of more than 60 banking institutions, mainly from Brazil. What caught their attention was the sophisticated infection chain that makes use of various ...