On September 15, the Node Package Manager (NPM) repository experienced an ongoing supply chain attack, in which the attackers executed a highly targeted phishing campaign to compromise the account of an NPM package maintainer.
With privileged access, the attackers injected malicious code into widely used JavaScript packages, threatening the entire software ecosystem. Notably, the attack has disrupted several key NPM packages, including those integral to application development and cryptography. According to StepSecurity, the malicious actors behind this incident used similar techniques with the Nx supply chain attack last month. As of September 16, researchers at Socket have already identified close to 500 impacted NPM packages.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- You versus adversaries: How to become unbeatable in 20 cybersecurity moves
December 8, 2023
In today’s landscape, every business is inherently based on technology, increasing its susceptibility to significant and frequent threats that can hinder operations, success, and sustainability. At times, it can cause damage that is hard to bounce back from. Securing your organization, therefore, requires a deliberate, proactive, and holistic approach — you must keep constant tabs on ...
- MrAnon Stealer Spreads via Email with Fake Hotel Booking PDF
December 7, 2023
FortiGuard Labs recently identified an email phishing campaign using deceptive booking information to entice victims into clicking on a malicious PDF file. The PDF downloads a .NET executable file created with PowerGUI and then runs a PowerShell script to fetch the final malware, known as MrAnon Stealer. This malware is a Python-based information stealer compressed with ...
- Nissan probing possible cyberattack and data breach
December 7, 2023
Japanese car manufacturing giant Nissan is investigating a possible data breach, and is warning customers to be wary of potential scam emails and messages delivering malware. In a brief notification published on the Nissan Oceania websites, it was said that the Australian and New Zealand Corporation and Financial Services suffered a “cyber incident”. This division handles distribution, ...
- New macOS Trojan-Proxy piggybacking on cracked software
December 6, 2023
Illegally distributed software historically has served as a way to sneak malware onto victims’ devices. Kaspersky researchers have recently discovered several cracked applications distributed by unauthorized websites and loaded with a Trojan-Proxy. Attackers can use this type of malware to gain money by building a proxy server network or to perform criminal acts on behalf of ...
- Genetic testing firm 23andMe admits hackers accessed DNA data of 7m users
December 5, 2023
The genetic testing company 23andMe has said that nearly 7 million people have been affected by a security breach that put DNA ancestry information into the hands of hackers who broke into the site in early October. On Friday, the California-based company said in a regulatory filing that the personal data of 0.1% of customers – ...
- Roblox and Twitch provider Tipalti breached by ransomware
December 5, 2023
Accounting software provider Tipalti says it is investigating a claim by ransomware group ALPHV that they have gained access to Tipalti’s systems. Tipalti makes software for accounting and payment automation and has some big names among its customers. In what seems to be a typical supply chain attack, ALPHV aka BlackCat are now threatening some Tipalti ...