On September 15, the Node Package Manager (NPM) repository experienced an ongoing supply chain attack, in which the attackers executed a highly targeted phishing campaign to compromise the account of an NPM package maintainer.
With privileged access, the attackers injected malicious code into widely used JavaScript packages, threatening the entire software ecosystem. Notably, the attack has disrupted several key NPM packages, including those integral to application development and cryptography. According to StepSecurity, the malicious actors behind this incident used similar techniques with the Nx supply chain attack last month. As of September 16, researchers at Socket have already identified close to 500 impacted NPM packages.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Leaked Private & BootGuard Keys in MSI Cyber Attack Pose Threat to PC Security
May 8, 2023
Following a recent cyber attack on MSI’s systems, hackers managed to obtain private keys and Intel BootGuard Keys, according to a warning from respected security firm Binarly. These keys are essential for maintaining the security of a company’s devices and firmware, and the leak could result in severe security compromises. Binarly’s CEO, Alex Matrosov, disclosed on ...
- Meet Akira – A new ransomware operation targeting the enterprise
May 7, 2023
The new Akira ransomware operation has slowly been building a list of victims as they breach corporate networks worldwide, encrypt files, and then demand million-dollar ransoms. Launched in March 2023, Akira claims to have already conducted attacks on sixteen companies. These companies are in various industries, including education, finance, real estate, manufacturing, and consulting. Read more… Source: Bleeping ...
- New Cactus ransomware encrypts itself to evade antivirus
May 7, 2023
A new ransomware operation called Cactus has been exploiting vulnerabilities in VPN appliances for initial access to networks of “large commercial entities.” The Cactus ransomware operation has been active since at least March and is looking for big payouts from its victims. Read more… Source: Bleeping Computer
- UAE issues warning over cyber-attacks
May 6, 2023
The UAE Cybersecurity Council called on public and private sectors to exercise the utmost caution against any cyber-attacks that may target the national digital infrastructure and assets. The Council demanded the public and private entities to activate the cyber emergency response system in cooperation with the competent authorities in order to share data so as to ...
- Not quite an Easter egg: a new family of Trojan subscribers on Google Play
May 4, 2023
Every once in a while, someone will come across malicious apps on Google Play that seem harmless at first. Some of the trickiest of these are subscription Trojans, which often go unnoticed until the user finds they have been charged for services they never intended to buy. This kind of malware often finds its way ...
- FCA urges Capita clients to ascertain if data was compromised in cyber-attack
May 3, 2023
The City regulator has contacted Capita’s corporate clients urging them to ascertain whether their customers’ data has been compromised after a cyber-attack on the outsourcer in March. The Financial Conduct Authority said it had written to firms it regulates and which outsource work to Capita to ensure they are “fully engaged” in assessing the fallout from ...