On September 15, the Node Package Manager (NPM) repository experienced an ongoing supply chain attack, in which the attackers executed a highly targeted phishing campaign to compromise the account of an NPM package maintainer.
With privileged access, the attackers injected malicious code into widely used JavaScript packages, threatening the entire software ecosystem. Notably, the attack has disrupted several key NPM packages, including those integral to application development and cryptography. According to StepSecurity, the malicious actors behind this incident used similar techniques with the Nx supply chain attack last month. As of September 16, researchers at Socket have already identified close to 500 impacted NPM packages.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Attackers Impersonate DoT in Two-Day Phishing Scam
September 15, 2021
Threat actors impersonated the U.S. Department of Transportation (USDOT) in a two-day phishing campaign that used a combination of tactics – including creating new domains that mimic federal sites so as to appear to be legitimate – to evade security detections. Between Aug. 16-18, researchers at e-mail security provider INKY detected 41 phishing emails dangling the ...
- Phishing Eager Travelers
September 15, 2021
Threat actors have always been adept at keeping abreast of worldwide trends – ranging from geopolitical to technical – and rapidly exploiting these trends for their benefit. The current pandemic is no exception. Unit 42 has previously reported on how cybercriminals have preyed on consumers during COVID-19 and on the use of COVID-19 themed phishing ...
- The state of ransomware: national emergencies and million-dollar blackmail
September 14, 2021
Banks have been “disproportionately affected” by a surge in ransomware attacks, clocking a 1,318% increase year-on-year in 2021. Ransomware has become one of the most well-known and prevalent threats against the enterprise today. This year alone, we have seen high-profile cases of ransomware infection — including against Colonial Pipeline, Kaseya, and Ireland’s health service — cause ...
- Brazil debates creation of national strategy to tackle cybercrime
September 13, 2021
Amid growing concerns about increasing threats in the cybersecurity space, the Brazilian government and the banking sector are discussing the creation of a strategy to address crime in digital environments. The president at the Brazilian Federation of Banks (FEBRABAN), Isaac Sidney, and the Minister of Justice and Public Security, Anderson Torres, have started negotiations for the ...
- BlackMatter ransomware hits medical technology giant Olympus
September 13, 2021
Olympus, a leading medical technology company, is investigating a “potential cybersecurity incident” that impacted some of its EMEA (Europe, Middle East, Africa) IT systems last week. Olympus has more than 31,000 employees worldwide and over 100 years of history developing for the medical, life sciences, and industrial equipment industries. The company’s camera, audio recorder, and binocular divisions ...
- Windows MSHTML zero-day exploits shared on hacking forums
September 12, 2021
Threat actors are sharing Windows MSHTML zero-day (CVE-2021-40444) tutorials and exploits on hacking forums, allowing other hackers to start exploiting the new vulnerability in their own attacks. Last Tuesday, Microsoft disclosed a new zero-day vulnerability in Windows MSHTML that allows threat actors to create malicious documents, including Office and RTF docs, to execute commands on a ...