On September 15, the Node Package Manager (NPM) repository experienced an ongoing supply chain attack, in which the attackers executed a highly targeted phishing campaign to compromise the account of an NPM package maintainer.
With privileged access, the attackers injected malicious code into widely used JavaScript packages, threatening the entire software ecosystem. Notably, the attack has disrupted several key NPM packages, including those integral to application development and cryptography. According to StepSecurity, the malicious actors behind this incident used similar techniques with the Nx supply chain attack last month. As of September 16, researchers at Socket have already identified close to 500 impacted NPM packages.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Bank of America at odds with Lloyd’s over state-backed cyberattack exemption
April 20, 2023
Bank of America has reportedly raised concerns with Lloyd’s of London about a move to exempt “state-backed” cyberattacks from standard insurance policies. Bank of America highlighted its concerns with the policy in a series of meetings between Lloyd’s and its biggest clients, the Financial Times reported. Read more… Source: MSN News
- Ransomware Attack Hits Marinette Marine Shipyard, Results in Short-Term Delay of Frigate, Freedom LCS Construction
April 20, 2023
The Wisconsin shipyard that builds the U.S. Navy’s Freedom-class Littoral Combat Ship and the Constellation-class guided-missile frigate suffered a ransomware attack last week that delayed production across the shipyard, USNI News has learned. Fincantieri Marinette Marine experienced the attack in the early morning hours of April 12, when large chunks of data on the shipyard’s network ...
- Medusa ransomware crew brags about spreading Bing, Cortana source code
April 20, 2023
The Medusa ransomware gang has put online what it claims is a massive leak of internal Microsoft materials, including Bing and Cortana source code. “This leak is of more interest to programmers, since it contains the source codes of the following Bing products, Bing Maps and Cortana,” the crew wrote on its website, which was screenshotted ...
- Microsoft SQL servers hacked to deploy Trigona ransomware
April 19, 2023
Attackers are hacking into poorly secured and Interned-exposed Microsoft SQL (MS-SQL) servers to deploy Trigona ransomware payloads and encrypt all files. The MS-SQL servers are being breached via brute-force or dictionary attacks that take advantage of easy-to-guess account credentials. Read more… Source: Bleeping Computer
- Growth of ‘hackers for hire’ will lead to more attacks and unpredictable threats, UK cyber security agency warns
April 19, 2023
The number of “hackers for hire” is set to grow over the next five years, leading to more cyber attacks and increasingly unpredictable threats, the UK’s cyber security agency has warned. A rise in spyware is also anticipated and other hacking tools, according to a new report by the National Cyber Security Centre (NCSC), which is ...
- Play ransomware gang uses custom Shadow Volume Copy data-theft tool
April 19, 2023
The Play ransomware group has developed two custom tools in .NET, namely Grixba and VSS Copying Tool, which it uses to improve the effectiveness of its cyberattacks. The two tools enable attackers to enumerate users and computers in compromised networks, gather information about security, backup, and remote administration software, and easily copy files from Volume Shadow ...