On September 15, the Node Package Manager (NPM) repository experienced an ongoing supply chain attack, in which the attackers executed a highly targeted phishing campaign to compromise the account of an NPM package maintainer.
With privileged access, the attackers injected malicious code into widely used JavaScript packages, threatening the entire software ecosystem. Notably, the attack has disrupted several key NPM packages, including those integral to application development and cryptography. According to StepSecurity, the malicious actors behind this incident used similar techniques with the Nx supply chain attack last month. As of September 16, researchers at Socket have already identified close to 500 impacted NPM packages.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Cyber attack on Aussie energy services firm may hit UK CNI
August 21, 2023
Operators of critical utility infrastructure across the UK may have been affected by a developing cyber attack on the systems of Energy One, an Australia-based supplier of software and services for the energy sector. The ongoing incident was disclosed via a statement to the Australian Securities Exchange (ASX) on the morning of Monday 21 August (Sunday ...
- INTERPOL: 14 arrests, thousands of illicit cyber networks disrupted in Africa operation
August 18, 2023
DAR ES SALAM, Tanzania – INTERPOL and AFRIPOL have coordinated an operation across 25 African countries that enabled investigators to arrest 14 suspected cybercriminals and identify 20,674 suspicious cyber networks, highlighting the surge in digital insecurity and cyber threats in the region. The networks identified were linked to financial losses of more than USD 40 ...
- US Offers up to $10 Million for Info on Cyber Attacks in Montenegro
August 18, 2023
The US embassy in Montenegro has placed billboards on several locations in the capital Podgorica, offering up to $10 million for information on cyber attacks in Montenegro operated against American interests. The billboards seek information about ransomware attacks on state information systems, interference in elections, or “malicious cyber activities against critical American infrastructure”. Montenegro has been ...
- Threat Actors are Interested in Generative AI, but Use Remains Limited
August 17, 2023
Since at least 2019, Mandiant has tracked threat actor interest in, and use of, AI capabilities to facilitate a variety of malicious activity. Based on Mandiant own observations and open source accounts, adoption of AI in intrusion operations remains limited and primarily related to social engineering. In contrast, information operations actors of diverse motivations and capabilities ...
- LinkedIn user accounts have been taken over in huge hacking campaign
August 16, 2023
Someone is targeting LinkedIn accounts, trying to break in with either login credentials leaked elsewhere, or with brute-force attacks. As a result, many people have had their accounts compromised, while others have been locked out due to too many failed login attempts. Read more… Source: TechRadar
- China’s Ministry of State Security warns of data security risks after Wuhan Earthquake Monitoring Center cyberattack
August 16, 2023
China’s Ministry of State Security (MSS) on Wednesday warned of data security risks after recent reports identified US intelligence agencies were behind a cyberattack on Wuhan Earthquake Monitoring Center. A joint investigation team formed by the National Computer Virus Emergency Response Center (CVERC) and Chinese cybersecurity company 360 discovered malicious backdoor software that exhibits characteristics of ...