On September 15, the Node Package Manager (NPM) repository experienced an ongoing supply chain attack, in which the attackers executed a highly targeted phishing campaign to compromise the account of an NPM package maintainer.
With privileged access, the attackers injected malicious code into widely used JavaScript packages, threatening the entire software ecosystem. Notably, the attack has disrupted several key NPM packages, including those integral to application development and cryptography. According to StepSecurity, the malicious actors behind this incident used similar techniques with the Nx supply chain attack last month. As of September 16, researchers at Socket have already identified close to 500 impacted NPM packages.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- New 0mega ransomware targets businesses in double-extortion attacks
July 8, 2022
A new ransomware operation named ‘0mega’ targets organizations worldwide in double-extortion attacks and demands millions of dollars in ransoms. 0mega (spelled with a zero) is a new ransomware operation launched in May 2022 and has attacked numerous victims since then. A ransomware sample for the 0mega operation hasn’t yet been found, therefore there’s not much information on ...
- Free decryptor released for AstraLocker, Yashma ransomware victims
July 8, 2022
New Zealand-based cybersecurity firm Emsisoft has released a free decryption tool to help AstraLocker and Yashma ransomware victims recover their files without paying a ransom. The free tool is available for download from Emsisoft’s servers, and it allows you to recover encrypted files using easy-to-follow instructions available in this usage guide . “Be sure to quarantine the ...
- Quantum ransomware attack affects 657 healthcare orgs
July 7, 2022
Professional Finance Company Inc. (PFC), a full-service accounts receivables management company, says that a ransomware attack in late February led to a data breach affecting over 600 healthcare organizations. Founded in 1904, PFC helps thousands of healthcare, government, and utility organizations across the U.S. ensure that customers pay their invoices on time. The company started notifying the ...
- Brand-New HavanaCrypt Ransomware Poses as Google Software Update App, Uses Microsoft Hosting Service IP Address as C&C Server
July 6, 2022
Recently, Trend Micro researchers found a brand-new ransomware family that employs a similar scheme: It disguises itself as a legitimate Google Software Update application and uses a Microsoft web hosting service IP address as its command-and-control (C&C) server to circumvent detection. Their investigation also shows that this ransomware uses the QueueUserWorkItem function, a .NET System.Threading ...
- To stop quantum hackers, the US just chose these four quantum-resistant encryption algorithms
July 6, 2022
The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) has selected four quantum-resistant cryptographic algorithms for general encryption and digital signatures. NIST, a US standards setting body and research organization within the Department of Commerce, announced the four algorithms after a six-year period assessing potential quantum-resistant (QR) alternatives to today’s cryptographic algorithms for ...
- North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector
July 6, 2022
The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Department of the Treasury (Treasury) are releasing this joint Cybersecurity Advisory (CSA) to provide information on Maui ransomware, which has been used by North Korean state-sponsored cyber actors since at least May 2021 to target Healthcare and Public Health (HPH) Sector ...