On September 15, the Node Package Manager (NPM) repository experienced an ongoing supply chain attack, in which the attackers executed a highly targeted phishing campaign to compromise the account of an NPM package maintainer.
With privileged access, the attackers injected malicious code into widely used JavaScript packages, threatening the entire software ecosystem. Notably, the attack has disrupted several key NPM packages, including those integral to application development and cryptography. According to StepSecurity, the malicious actors behind this incident used similar techniques with the Nx supply chain attack last month. As of September 16, researchers at Socket have already identified close to 500 impacted NPM packages.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Cyber Signals: Shifting tactics fuel surge in business email compromise
May 19, 2023
Today Microsoft released the fourth edition of Cyber Signals highlighting a surge in cybercriminal activity around business email compromise (BEC). Microsoft has observed a 38 percent increase in cybercrime as a service (CaaS) targeting business email between 2019 and 2022. Successful BEC attacks cost organizations hundreds of millions of dollars annually. In 2022, the FBI’s Recovery ...
- Man jailed for running multimillion-pound criminal website iSpoof
May 19, 2023
The man responsible for running a multimillion-pound fraud website, used by scammers to trick people into handing over their bank details, has been jailed. Tejay Fletcher, 35, pleaded guilty to running iSpoof, a website that allowed criminals and fraudsters to appear as if they were calling from banks, tax offices and other official bodies in an ...
- Is your car safe from a cyber attack?
May 17, 2023
In January 2022, 19-year-old David Colombo from Dinkelsbühl, Germany, announced via Twitter that he had been able to hack at least 25 Tesla vehicles in 13 countries and partially take them over. “So, I now have full remote control of over 25 Teslas in 13 countries and there seems to be no way to find ...
- CISA and Partners Release BianLian Ransomware Cybersecurity Advisory
May 16, 2023
CISA, the Federal Bureau of Investigation (FBI), and the Australian Cyber Security Centre (ACSC) have released a joint Cybersecurity Advisory (CSA) with known BianLian ransomware and data extortion group technical details. Microsoft and Sophos contributed to the advisory. To reduce the likelihood and impact of BianLian and other ransomware incidents, CISA encourages organizations to implement ...
- Lancefly: Group Uses Custom Backdoor to Target Orgs in Government, Aviation, Other Sectors
May 15, 2023
The Lancefly advanced persistent threat (APT) group is using a custom-written backdoor in attacks targeting organizations in South and Southeast Asia, in activity that has been ongoing for several years. Lancefly may have some links to previously known groups, but these are low confidence, which led researchers at Symantec, by Broadcom Software, to classify this activity ...
- Data of 5.82M PharMerica patients stolen, accessed during cyberattack
May 15, 2023
More than 5.81 million patients tied to PharMerica have been notified that their data was accessed and stolen during a March cyberattack. The long-term care pharmacy solution provider reported the breach to the Office of the Maine Attorney General on May 12. On March 14, PharMerica “learned of suspicious activity” on its network and worked to ...