On September 15, the Node Package Manager (NPM) repository experienced an ongoing supply chain attack, in which the attackers executed a highly targeted phishing campaign to compromise the account of an NPM package maintainer.
With privileged access, the attackers injected malicious code into widely used JavaScript packages, threatening the entire software ecosystem. Notably, the attack has disrupted several key NPM packages, including those integral to application development and cryptography. According to StepSecurity, the malicious actors behind this incident used similar techniques with the Nx supply chain attack last month. As of September 16, researchers at Socket have already identified close to 500 impacted NPM packages.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- US sanctions Russian accused of laundering Ryuk ransomware funds
November 6, 2023
The U.S. government has sanctioned a Russian national for allegedly laundering millions of dollars’ worth of victim ransom payments on behalf of individuals linked to the notorious Ryuk ransomware group. According to an announcement from the U.S. Treasury’s Office of Foreign Assets Control (OFAC), Ekaterina Zhdanova, 37, is accused of using virtual currency exchange transfers and ...
- Allied Pilots Association Hit With Ransomware Attack
November 4, 2023
On October 30, APA experienced a cybersecurity incident referred to by the union as a ransomware attack. In a statement, the Allied Pilots Association explained, “Upon discovery of the incident, we immediately took steps to secure our networks. Our IT team, with the support of outside experts, continues to work nonstop to restore our systems.” This ...
- Infosys subsidiary hit by cyber security attack
November 3, 2023
Infosys announced on Friday, November 3, that its US unit, Infosys McCamish Systems, was impacted by a cyber security event, resulting in the non-availability of certain applications and systems. The IT services major said it is working with a cyber security company to resolve the issue and that it had launched an investigation to identify the ...
- Payola ransomware operator demands remote access to PC
November 3, 2023
The Sonicwall threat research team have recently been tracking a new ransomware family called Payola. This family of ransomware appeared in late August 2023. It is written in .NET and is easy to analyze as it contains no obfuscation. Early variants would append “.Payola” to the names of encrypted files but the current variants use ...
- UK: Huge data breach at Southend-on-Sea City Council
November 2, 2023
Details of over 2,000 staff and councillors have been made public in a council data breach. Southend-on-Sea City Council could face six-figure fines for the mistake. The information disclosed included names, addresses and National Insurance numbers. The council leader has apologised and said that all those affected would be contacted and offered advice and support. ...
- Mortgage and loan giant Mr. Cooper blames cyberattack for ongoing outage
November 2, 2023
Mortgage and loan giant Mr. Cooper says a “cybersecurity incident” earlier this week was the cause of an ongoing outage, adding that the company is “working to resolve the issue.” The Texas-based company said in a statement on its website that on October 31, Mr. Cooper “became the target of a cyber security incident and took ...