On September 15, the Node Package Manager (NPM) repository experienced an ongoing supply chain attack, in which the attackers executed a highly targeted phishing campaign to compromise the account of an NPM package maintainer.
With privileged access, the attackers injected malicious code into widely used JavaScript packages, threatening the entire software ecosystem. Notably, the attack has disrupted several key NPM packages, including those integral to application development and cryptography. According to StepSecurity, the malicious actors behind this incident used similar techniques with the Nx supply chain attack last month. As of September 16, researchers at Socket have already identified close to 500 impacted NPM packages.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Cybercriminal sells tool to hide malware in AMD, NVIDIA GPUs
August 31, 2021
Cybercriminals are making strides towards attacks with malware that can execute code from the graphics processing unit (GPU) of a compromised system. While the method is not new and demo code has been published before, projects so far came from the academic world or were incomplete and unrefined. Earlier this month, the proof-of-concept (PoC) was sold on ...
- Bangkok Airways apologizes for passport info breach as LockBit ransomware group threatens data leak
August 30, 2021
Bangkok Airways has apologized for a data breach involving passport information and other personal data in a statement to customers. The company said that it discovered a “cybersecurity attack which resulted in unauthorized and unlawful access to its information system” on August 23. The statement said the company is “deeply sorry for the worry and inconvenience that ...
- Fujitsu says stolen data being sold on dark web ‘related to customers’
August 30, 2021
Data from Japanese tech giant Fujitsu is being sold on the dark web by a group called Marketo, but the company said the information “appears related to customers” and not their own systems. On August 26, Marketo wrote on its leak site that it had 4 GB of stolen data and was selling it. They provided ...
- Cloudflare says it stopped the largest DDoS attack ever reported
August 27, 2021
Cloudflare said it’s system managed to stop the largest reported DDoS attack in July, explaining in a blog post that the attack was 17.2 million requests-per-second, three times larger than any previous one they recorded. Cloudflare’s Omer Yoachimik explained in a blog post that the company serves over 25 million HTTP requests per second on average ...
- Ransomware: It’s only a matter of time before a smart city falls victim, and we need to take action now
August 27, 2021
Ransomware attacks are going to get worse – and one could eventually take out the infrastructure of an entire 5G-enabled smart city, a cybersecurity expert has warned. Cyber criminals deploying ransomware regularly target government services. Not only do public sector IT budgets mean networks are less secure against attacks, but said networks are also used to ...
- Ragnarok ransomware releases master decryptor after shutdown
August 26, 2021
Ragnarok ransomware gang appears to have called it quits and released the master key that can decrypt files locked with their malware. The threat actor did not leave a note explaining the move; all of a sudden, they replaced all the victims on their leak site with a short instruction on how to decrypt files The leak ...