On September 15, the Node Package Manager (NPM) repository experienced an ongoing supply chain attack, in which the attackers executed a highly targeted phishing campaign to compromise the account of an NPM package maintainer.
With privileged access, the attackers injected malicious code into widely used JavaScript packages, threatening the entire software ecosystem. Notably, the attack has disrupted several key NPM packages, including those integral to application development and cryptography. According to StepSecurity, the malicious actors behind this incident used similar techniques with the Nx supply chain attack last month. As of September 16, researchers at Socket have already identified close to 500 impacted NPM packages.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- NSA, FBI, CISA, and Japanese Partners Release Advisory on PRC-Linked Cyber Actors
September 27, 2023
Today, the U.S. National Security Agency (NSA), Federal Bureau of Investigation (FBI), and Cybersecurity and Infrastructure Security Agency (CISA), along with the Japan National Police Agency (NPA) and the Japan National Center of Incident Readiness and Strategy for Cybersecurity (NISC) released joint Cybersecurity Advisory (CSA) People’s Republic of China-Linked Cyber Actors Hide in Router Firmware. The ...
- A Ransomware Group Is Claiming They’ve Breached Sony’s Systems And Stolen Data
September 27, 2023
Although the claims of a data breach are still unverified, Sony has publicly acknowledged the situation and issued a statement to IGN which simply reads, “We are currently investigating the situation, and we have no further comment at this time.” It looks like Sony may have been victim of a breach resulting in the collection of ...
- ASEAN, China, and UNODC agree to a plan of action to address criminal scams in Southeast Asia
September 26, 2023
Senior officials from ASEAN, China and United Nations Office on Drugs and Crime (UNODC) have agreed to address transnational organized crime and trafficking in persons associated with casinos and scams. “Trafficking in persons connected to casinos and scam operations run by organized crime has mushroomed across Southeast Asia, particularly in the Mekong” remarked Jeremy Douglas, UNODC ...
- Dusting for fingerprints: ShadowSyndicate, a new RaaS player?
September 26, 2023
The Ransomware-as-a-Service (RaaS) market is a fast-moving one. Prominent RaaS or affiliate groups can form, wreak havoc, and disband all within a short period of time. In this blog, Group-IB researchers will detail what they believe to be a new RaaS group that appears to operate differently from the rest: Enter ShadowSyndicate. What is unusual about ...
- APT and financial attacks on industrial organizations in H1 2023
September 25, 2023
This summary provides an overview of reports of APT and financial attacks on industrial enterprises that were disclosed in H1 2023, as well as related activities of groups that have been observed attacking industrial organizations and critical infrastructure facilities. For each topic, Kaspersky researchers have sought to summarize the key facts, findings, and conclusions of the ...
- China to impose severe punishment on crimes of cyberbullying, defamation offenses, fabricating sexual topics
September 25, 2023
China on Monday released guidelines to severely punish cyberspace violations that target minors, involve paid posters, fabricate “sexual” topics and use artificial intelligence to disseminate illegal information. The guidelines on punishing crimes of cyberspace violence in accordance with laws were jointly issued by China’s Supreme People’s Court, China’s Supreme People’s Procuratorate and China’s Ministry of Public ...