On September 15, the Node Package Manager (NPM) repository experienced an ongoing supply chain attack, in which the attackers executed a highly targeted phishing campaign to compromise the account of an NPM package maintainer.
With privileged access, the attackers injected malicious code into widely used JavaScript packages, threatening the entire software ecosystem. Notably, the attack has disrupted several key NPM packages, including those integral to application development and cryptography. According to StepSecurity, the malicious actors behind this incident used similar techniques with the Nx supply chain attack last month. As of September 16, researchers at Socket have already identified close to 500 impacted NPM packages.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- QBot phishing abuses Windows Control Panel EXE to infect devices
November 17, 2022
Phishing emails distributing the QBot malware are using a DLL hijacking flaw in the Windows 10 Control Panel to infect computers, likely as an attempt to evade detection by security software. DLL hijacking is a common attack method that takes advantage of how Dynamic Link Libraries (DLLs) are loaded in Windows. When a Windows executable is launched, ...
- Get a Loda This: LodaRAT meets new friends
November 17, 2022
Since their first blog post in February of 2020 on the remote access tool (RAT) known as LodaRAT (or Loda), Cisco Talos has monitored its activity and covered their findings in subsequent blog posts. As a continuation of this series, this blog post details new variants and new behavior Cisco Talos researchers have observed while monitoring ...
- Wray tells lawmakers that FBI conducts cyber offensive operations
November 17, 2022
FBI Director Christopher Wray told Senate lawmakers on Thursday that his agency has been conducting offensive cyber operations against state and non-state cyber actors. Wray said offensive operations are one of many tactics the agency employs to counter various cyber threats. “Offense is a critical part of our overall effort to push back against cyber adversaries,” Wray ...
- DEV-0569 finds new ways to deliver Royal ransomware, various payloads
November 17, 2022
Recent activity from the threat actor that Microsoft tracks as DEV-0569, known to distribute various payloads, has led to the deployment of the Royal ransomware, which first emerged in September 2022 and is being distributed by multiple threat actors. Observed DEV-0569 attacks show a pattern of continuous innovation, with regular incorporation of new discovery techniques, ...
- Google wins lawsuit against alleged Russian botnet herders
November 17, 2022
A New York judge has issued a default judgment against two Russian nationals who are alleged to have helped create the “Glupteba” botnet, sold fraudulent credit card information, and generated cryptocurrency using the network. The ad giant said Glupteba had infected one million compromised devices across the globe, where it went on steal users’ account data, ...
- Suspected Zeus cybercrime ring leader ‘Tank’ arrested by Swiss police
November 16, 2022
Vyacheslav Igorevich Penchukov, also known as Tank and one of the leaders of the notorious JabberZeus cybercrime gang, was arrested in Geneva last month. The Swiss Federal Office of Justice (FOJ) said Penchukov was arrested last month and is waiting to be extradited to the United States, although he can still appeal FOJ’s decision. “By order of ...