On September 15, the Node Package Manager (NPM) repository experienced an ongoing supply chain attack, in which the attackers executed a highly targeted phishing campaign to compromise the account of an NPM package maintainer.
With privileged access, the attackers injected malicious code into widely used JavaScript packages, threatening the entire software ecosystem. Notably, the attack has disrupted several key NPM packages, including those integral to application development and cryptography. According to StepSecurity, the malicious actors behind this incident used similar techniques with the Nx supply chain attack last month. As of September 16, researchers at Socket have already identified close to 500 impacted NPM packages.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Ukrainian hackers steal construction plans for 500 Russian military sites
January 18, 2024
Hackers from the group Blackjack, purportedly affiliated with Ukraine’s SBU security service, have breached a Russian state enterprise involved in construction work for the Russian military, and downloaded over 1.2 TB of data, a Ukrainian law enforcement source told NV on Jan. 18. The data from Russia’s Main Military Construction Directorate for Special Projects included more ...
- TA866 returns with a large Email campaign
January 18, 2024
Proofpoint researchers identified the return of TA866 to email threat campaign data, after a nine-month absence. On January 11, 2024, Proofpoint blocked a large volume campaign consisting of several thousand emails targeting North America. Invoice-themed emails had attached PDFs with names such as “Document_.pdf” and various subjects such as “Project achievements”. The PDFs contained OneDrive ...
- Thousands of Android TV boxes hit by dangerous new malware-dropping botnet
January 18, 2024
A group of hackers has been secretly building a botnet of Android TV and eCos set-top boxes, and then monetizing the access to earn masses of wealth, researchers have warned. Cybersecurity experts from Qianxin Xlabs dubbed the operation “Bigpanzi”, and claim there are some 170,000 daily active bots. Given that not all endpoints are active at ...
- The dangers of quadruple blow ransomware attacks
January 18, 2024
For the first time, a ransomware gang has reported one of its victims to the authorities. This has never happened before and shows the continuing evolution of their business models to maintain pressure on the victim organisations. With this new mechanism, criminal actors are using the threat of potential regulatory fines as an additional incentive for ...
- JPMorgan spends $15 billion a year on technology, given the risk of a data breach
January 17, 2024
JPMorgan Chase’s banking systems are attacked by hackers 45 billion a day, double what it saw a year earlier. The nation’s largest bank spends $15 billion a year on technology, given the risk of a data breach and the potentially devastating consequences of a successful cyber attack, Mary Callahan Erdoes, chief executive of the bank’s Asset ...
- Ivanti vulnerabilities now actively exploited in massive numbers
January 17, 2024
The researchers that discovered the active exploitation are warning that these attacks are now very widespread. The fact that there are no patches available and users were asked to apply a workaround and monitor their network traffic for suspicious activity, may have contributed to the slow response to the sounded alarms. Almost 7000 devices remain vulnerable ...