On September 15, the Node Package Manager (NPM) repository experienced an ongoing supply chain attack, in which the attackers executed a highly targeted phishing campaign to compromise the account of an NPM package maintainer.
With privileged access, the attackers injected malicious code into widely used JavaScript packages, threatening the entire software ecosystem. Notably, the attack has disrupted several key NPM packages, including those integral to application development and cryptography. According to StepSecurity, the malicious actors behind this incident used similar techniques with the Nx supply chain attack last month. As of September 16, researchers at Socket have already identified close to 500 impacted NPM packages.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- British Airways, Boots staff data compromised by payroll cyber hack
June 5, 2023
British Airways and retailer Boots said their staff were amongst those hit by a cyber attack on Zellis, a payroll provider used by hundreds of companies in Britain. British Airways, owned by IAG, said it had notified affected employees and was providing them with support. Read more… Source: MSN News
- Satacom delivers browser extension that steals cryptocurrency
June 5, 2023
Satacom downloader, also known as LegionLoader, is a renowned malware family that emerged in 2019. It is known to use the technique of querying DNS servers to obtain the base64-encoded URL in order to receive the next stage of another malware family currently distributed by Satacom. The Satacom malware is delivered via third-party websites. Some of ...
- Swiss administration hit by cyber attack
June 3, 2023
Swiss authorities are investigating a cyber attack on the IT company Xplain, whose clients include many federal and cantonal government departments, including the army and customs. The online attack was revealed on Saturday by the newspaper Le Temps, which reported that “several cantonal police forces, the Swiss army and the Federal Office of Police (Fedpol) have ...
- Zero-Day Vulnerability in MOVEit Transfer Exploited for Data Theft
June 2, 2023
Mandiant has observed wide exploitation of a zero-day vulnerability in the MOVEit Transfer secure managed file transfer software for subsequent data theft. This vulnerability was announced by Progress Software Corporation on May 31, 2023 and has been assigned CVE-2023-34362. Based on initial analysis from Mandiant incident response engagements, the earliest evidence of exploitation occurred on May ...
- A Confession Exposes India’s Secret Hacking Industry
June 1, 2023
In the summer of 2020, Jonas Rey, a private investigator in Geneva, got a call from a client with a hunch. The client, the British law firm Burlingtons, represented an Iranian-born American entrepreneur, Farhad Azima, who believed that someone had hacked his e-mail account. Azima had recently helped expose sanctions-busting by Iran, so Iranian hackers ...
- New Horabot campaign targets the Americas
June 1, 2023
Cisco Talos has observed a threat actor deploying a previously unidentified botnet program Talos is calling “Horabot,” which delivers a known banking trojan and spam tool onto victim machines in a campaign that has been ongoing since at least November 2020. The threat actor appears to be targeting Spanish-speaking users in the Americas and, based on ...