On September 15, the Node Package Manager (NPM) repository experienced an ongoing supply chain attack, in which the attackers executed a highly targeted phishing campaign to compromise the account of an NPM package maintainer.
With privileged access, the attackers injected malicious code into widely used JavaScript packages, threatening the entire software ecosystem. Notably, the attack has disrupted several key NPM packages, including those integral to application development and cryptography. According to StepSecurity, the malicious actors behind this incident used similar techniques with the Nx supply chain attack last month. As of September 16, researchers at Socket have already identified close to 500 impacted NPM packages.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Atlassian Confluence Vulnerability CVE-2022-26134 Abused For Cryptocurrency Mining, Other Malware
September 21, 2022
Trend Micro researchers observed the active exploitation of CVE-2022-26134, an unauthenticated remote code execution (RCE) vulnerability with a critical rating of 9.8 in the collaboration tool Atlassian Confluence. The gap is being abused for malicious cryptocurrency mining. Confluence has already released a security advisory detailing the fixes necessary for all affected products, namely all versions ...
- MFA Fatigue: Hackers’ new favorite tactic in high-profile breaches
September 20, 2022
Hackers are more frequently using social engineering attacks to gain access to corporate credentials and breach large networks. One component of these attacks that is becoming more popular with the rise of multi-factor authentication is a technique called MFA Fatigue. When breaching corporate networks, hackers commonly use stolen employee login credentials to access VPNs and the ...
- Uber blames security breach on Lapsus$, says it bought credentials on the dark web
September 19, 2022
The security breach that hit Uber last week was the work of Lapsus$, Uber said in a blog post Monday. The South American hacking group has attacked a number of technology giants in the past year, including Microsoft, Samsung, and Okta. Uber said it is in close coordination with the FBI and US Justice Department on ...
- American Airlines discloses data breach after employee email compromise
September 19, 2022
American Airlines has notified customers of a recent data breach after attackers compromised an undisclosed number of employee email accounts and gained access to sensitive personal information. In notification letters sent on Friday, September 16th, the airline explained that it has no evidence that the exposed data was misused. American Airlines discovered the breach on July 5th, ...
- Meet Pedro, the police dog sniffing out Canberra’s cybercrime
September 17, 2022
Hold your smartphone up to your nose and take a deep sniff. That’s what Pedro can smell too. Pedro is a technology detector dog for the National Canine Operations unit of the Australian Federal Police (AFP). He and his four-legged peers are tasked with sniffing out laptops, phones, USB sticks and other electronic devices for criminal ...
- New York ambulance service discloses data breach after ransomware attack
September 17, 2022
Empress EMS (Emergency Medical Services), a New York-based emergency response and ambulance service provider, has disclosed a data breach that exposed customer information. According to the notification, the company suffered a ransomware attack on July 14, 2022. An investigation into the incident revealed that the intruder had gained access to Empress EMS’ systems on May 26, 2022. ...