On September 15, the Node Package Manager (NPM) repository experienced an ongoing supply chain attack, in which the attackers executed a highly targeted phishing campaign to compromise the account of an NPM package maintainer.
With privileged access, the attackers injected malicious code into widely used JavaScript packages, threatening the entire software ecosystem. Notably, the attack has disrupted several key NPM packages, including those integral to application development and cryptography. According to StepSecurity, the malicious actors behind this incident used similar techniques with the Nx supply chain attack last month. As of September 16, researchers at Socket have already identified close to 500 impacted NPM packages.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Restaurant CRM platform ‘SevenRooms’ confirms breach after data for sale
December 18, 2022
Restaurant customer management platform SevenRooms has confirmed it suffered a data breach after a threat actor began selling stolen data on a hacking forum. SevenRooms is a restaurant customer relationship management (CRM) platform used by international restaurant chains and hospitality service providers, such as MGM Resorts, Bloomin’ Brands, Mandarin Oriental, Wolfgang Puck, and many more. On December ...
- Glupteba malware is back in action after Google disruption
December 17, 2022
The Glupteba malware botnet has sprung back into action, infecting devices worldwide after its operation was disrupted by Google almost a year ago. In December 2021, Google managed to cause a massive disruption to the blockchain-enabled botnet, securing the court orders to take control of the botnet’s infrastructure and filing complaints against two Russian operators. Nozomi now ...
- Australia: Fire Rescue Victoria confirms cyber attack from ‘external third party’ as outage continues
December 16, 2022
Fire Rescue Victoria has confirmed it has been the victim of a cyber attack as it continues to deal with a widespread IT outage. FRV revealed on Thursday it was having to alert firefighters to emergencies by mobile phone and radio because of an outage affecting its computer dispatch system. The service said preliminary investigations had ...
- Agenda Ransomware Uses Rust to Target More Vital Industries
December 16, 2022
This year, ransomware-as-a-service (RaaS) groups like BlackCat, Hive, and RansomExx have developed versions of their ransomware in Rust, a cross-platform language that makes it easier to tailor malware to different operating systems like Windows and Linux. In this blog entry, Trend Micro shed light on Agenda (also known as Qilin), another ransomware group that has ...
- FBI: Criminal Actors Use Business Email Compromise to Steal Large Shipments of Food Products and Ingredients
December 15, 2022
The Federal Bureau of Investigation (FBI), the Food and Drug Administration Office of Criminal Investigations (FDA OCI), and the US Department of Agriculture (USDA) are releasing this joint Cybersecurity Advisory (CSA) to advise the Food & Agriculture sector about recently observed incidents of criminal actors using business email compromise (BEC) to steal shipments of food ...
- Ransomware Business Models: Future Pivots and Trends
December 15, 2022
As modern ransomware attacks became one of the most dangerous cybersecurity incidents that can happen to organizations in recent years, we explored its current state and the possible directions that ransomware groups can take it. Noting that there are other cybercriminal business models where more illicit money can be made, and the changing geopolitical and ...