On September 15, the Node Package Manager (NPM) repository experienced an ongoing supply chain attack, in which the attackers executed a highly targeted phishing campaign to compromise the account of an NPM package maintainer.
With privileged access, the attackers injected malicious code into widely used JavaScript packages, threatening the entire software ecosystem. Notably, the attack has disrupted several key NPM packages, including those integral to application development and cryptography. According to StepSecurity, the malicious actors behind this incident used similar techniques with the Nx supply chain attack last month. As of September 16, researchers at Socket have already identified close to 500 impacted NPM packages.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Brazilian Ministry of Health recovers systems over a month after cyberattack
January 18, 2022
After a major cyberattack brought key systems of Brazil’s Ministry of Health (MoH) to a halt, the department has reported all its platforms are back online. According to a statement released by the MoH on Friday (14), most systems have been reestablished following a cyberattack in early December 2021, including ConecteSUS, which holds COVID-19 vaccination data. ...
- DHL, Microsoft, WhatsApp top phishing list of most imitated brands
January 17, 2022
DHL took over the top spot of Check Point Research’s list of the most imitated brands among cybercriminals this year, surpassing Microsoft and Google as the brand used most often in phishing emails and scams. The company’s Q4 Brand Phishing Report for 2021 ranks the top 10 most imitated brands in October, November and December. Researchers ...
- Russia: FSB arrests, dismantles REvil hacking group at U.S. request
January 14, 2022
Russia has conducted a special operation against ransomware crime group REvil at the request of the United States and has detained and charged the group’s members, the FSB domestic intelligence service said on Friday. The hacker group sought by Washington has been dismantled and the United States has been informed of the steps taken by Russia, ...
- Cyberattack shuts down Albuquerque schools; county copes with ransomware incident
January 13, 2022
School officials in Albuquerque, New Mexico have cancelled classes for Thursday and Friday due to a cyberattack. The shutdown took place just days after a ransomware attack hit government services across Bernalillo County. In a statement posted to the Albuquerque Public Schools (APS) website, officials said schools will remain closed “as the district continues to investigate ...
- Fingers point to Lazarus, Cobalt, FIN7 as key hacking groups attacking finance industry
January 13, 2022
The Lazarus, Cobalt, and FIN7 hacking groups have been labeled as the most prevalent threat actors striking financial organizations today. According to “Follow the Money,” a new report published on the financial sector by Outpost24’s Blueliv on Thursday, members of these groups are the major culprits of theft and fraud in the industry today. The financial sector ...
- Maryland officials confirm ransomware attack shut down Department of Health
January 12, 2022
Maryland officials confirmed on Wednesday that state’s Department of Health is dealing with a devastating ransomware attack, which has left hospitals struggling amid a surge of COVID-19 cases. In a statement released on Wednesday, Maryland Chief Information Security Officer Chip Stewart said the attack began on December 4 and crippled their systems. “We have paid no extortion ...