On September 15, the Node Package Manager (NPM) repository experienced an ongoing supply chain attack, in which the attackers executed a highly targeted phishing campaign to compromise the account of an NPM package maintainer.
With privileged access, the attackers injected malicious code into widely used JavaScript packages, threatening the entire software ecosystem. Notably, the attack has disrupted several key NPM packages, including those integral to application development and cryptography. According to StepSecurity, the malicious actors behind this incident used similar techniques with the Nx supply chain attack last month. As of September 16, researchers at Socket have already identified close to 500 impacted NPM packages.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- A cryptor, a stealer and a banking trojan
September 28, 2023
Last month Kaspersky researchers covered a wide range of cybercrime topics. For example, Kaspersky published a private report on a new malware found on underground forums that they call ASMCrypt (related to the DoubleFinger loader). But there’s more going on in the cybercrime landscape, so the researchers also published reports on new versions of the Lumma ...
- Indian Cyber Force Claims Responsibility for Cyber Attacks on Canadian Websites
September 28, 2023
A group of pro-India hackers on Wednesday claimed responsibility for bringing down the website of the Canadian Armed Forces for two hours. Following a diplomatic winter between India and Canada, the group, which identifies itself as Indian Cyber Force, warned of launching cyber attacks on Canadian websites on September 21. In the last few days, the ...
- Edinburgh Trams website offline following ‘cyber- attack’
September 28, 2023
An Edinburgh transport website has been taken offline after a “cyber attack”. Edinburgh Trams said on Thursday it was the victim of a “cyber crime” which has affected its website. Threat intelligence platform FalconFeeds said that international ransomware group NoName was behind the attack, and also targeted Swiftcard and Mersey Ferries Limited. Read more… Source: STV News
- Russia: Leonardo’s air booking system resumes after cyberattack
September 28, 2023
Russian state conglomerate Rostec said on Thursday it had restored normal operations at its Leonardo air booking system following what it called a “massive cyberattack from abroad”. “The cyberattack has been successfully repelled,” Rostec said in a statement. It described the incident as a Distributed Denial-of-Service (DDoS) Attack”, in which the attacker floods a server with ...
- QR codes in email phishing
September 27, 2023
QR codes are everywhere: you can see them on posters and leaflets, ATM screens, price tags and merchandise, historical buildings and monuments. People use them to share information, promote various online resources, pay for their goodies, and pass verification. And yet you don’t see lots of QR codes in email: users often read messages on ...
- Czechia: University of Defence victim of cyber-attack
September 27, 2023
Czechia’s University of Defence was the victim of a cyber-attack, with hackers evidently stealing data from the institution’s rector, iRozhlas.cz reported on Wednesday. The news website said the Municipal State Prosecutor’s Office in Brno was looking into the matter. A spokesperson for the National Cyber and Information Security Agency said it would not comment on the ...